blob: 04bf657d54619daa5a89c608ef5049377328f9d9 [file] [log] [blame]
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -08001/*
2 * Copyright (C) 2007 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include <ctype.h>
18#include <errno.h>
19#include <fcntl.h>
20#include <getopt.h>
21#include <limits.h>
22#include <linux/input.h>
23#include <stdio.h>
24#include <stdlib.h>
25#include <string.h>
26#include <sys/reboot.h>
Doug Zongker23ceeea2010-07-08 17:27:55 -070027#include <sys/stat.h>
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -080028#include <sys/types.h>
29#include <time.h>
30#include <unistd.h>
31
32#include "bootloader.h"
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -080033#include "common.h"
34#include "cutils/properties.h"
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -080035#include "install.h"
36#include "minui/minui.h"
37#include "minzip/DirUtil.h"
38#include "roots.h"
Doug Zongkerddd6a282009-06-09 12:22:33 -070039#include "recovery_ui.h"
Oscar Montemayor52219a62010-02-25 16:47:02 -080040#include "encryptedfs_provisioning.h"
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -080041
42static const struct option OPTIONS[] = {
43 { "send_intent", required_argument, NULL, 's' },
44 { "update_package", required_argument, NULL, 'u' },
45 { "wipe_data", no_argument, NULL, 'w' },
46 { "wipe_cache", no_argument, NULL, 'c' },
Oscar Montemayor52219a62010-02-25 16:47:02 -080047 { "set_encrypted_filesystems", required_argument, NULL, 'e' },
Doug Zongker988500b2009-10-06 14:41:38 -070048 { NULL, 0, NULL, 0 },
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -080049};
50
51static const char *COMMAND_FILE = "CACHE:recovery/command";
52static const char *INTENT_FILE = "CACHE:recovery/intent";
53static const char *LOG_FILE = "CACHE:recovery/log";
Ying Wang532c8602010-09-01 14:52:22 -070054static const char *SDCARD_PACKAGE_FILE = "SDCARD:update.zip";
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -080055static const char *TEMPORARY_LOG_FILE = "/tmp/recovery.log";
Doug Zongker23ceeea2010-07-08 17:27:55 -070056static const char *SIDELOAD_TEMP_DIR = "TMP:sideload";
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -080057
58/*
59 * The recovery tool communicates with the main system through /cache files.
60 * /cache/recovery/command - INPUT - command line for tool, one arg per line
61 * /cache/recovery/log - OUTPUT - combined log file from recovery run(s)
62 * /cache/recovery/intent - OUTPUT - intent that was passed in
63 *
64 * The arguments which may be supplied in the recovery.command file:
65 * --send_intent=anystring - write the text out to recovery.intent
66 * --update_package=root:path - verify install an OTA package file
67 * --wipe_data - erase user data (and cache), then reboot
68 * --wipe_cache - wipe cache (but not user data), then reboot
Oscar Montemayor05231562009-11-30 08:40:57 -080069 * --set_encrypted_filesystem=on|off - enables / diasables encrypted fs
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -080070 *
71 * After completing, we remove /cache/recovery/command and reboot.
72 * Arguments may also be supplied in the bootloader control block (BCB).
73 * These important scenarios must be safely restartable at any point:
74 *
75 * FACTORY RESET
76 * 1. user selects "factory reset"
77 * 2. main system writes "--wipe_data" to /cache/recovery/command
78 * 3. main system reboots into recovery
79 * 4. get_args() writes BCB with "boot-recovery" and "--wipe_data"
80 * -- after this, rebooting will restart the erase --
81 * 5. erase_root() reformats /data
82 * 6. erase_root() reformats /cache
83 * 7. finish_recovery() erases BCB
84 * -- after this, rebooting will restart the main system --
85 * 8. main() calls reboot() to boot main system
86 *
87 * OTA INSTALL
88 * 1. main system downloads OTA package to /cache/some-filename.zip
89 * 2. main system writes "--update_package=CACHE:some-filename.zip"
90 * 3. main system reboots into recovery
91 * 4. get_args() writes BCB with "boot-recovery" and "--update_package=..."
92 * -- after this, rebooting will attempt to reinstall the update --
93 * 5. install_package() attempts to install the update
94 * NOTE: the package install must itself be restartable from any point
95 * 6. finish_recovery() erases BCB
96 * -- after this, rebooting will (try to) restart the main system --
97 * 7. ** if install failed **
98 * 7a. prompt_and_wait() shows an error icon and waits for the user
99 * 7b; the user reboots (pulling the battery, etc) into the main system
100 * 8. main() calls maybe_install_firmware_update()
101 * ** if the update contained radio/hboot firmware **:
102 * 8a. m_i_f_u() writes BCB with "boot-recovery" and "--wipe_cache"
103 * -- after this, rebooting will reformat cache & restart main system --
104 * 8b. m_i_f_u() writes firmware image into raw cache partition
105 * 8c. m_i_f_u() writes BCB with "update-radio/hboot" and "--wipe_cache"
106 * -- after this, rebooting will attempt to reinstall firmware --
107 * 8d. bootloader tries to flash firmware
108 * 8e. bootloader writes BCB with "boot-recovery" (keeping "--wipe_cache")
109 * -- after this, rebooting will reformat cache & restart main system --
110 * 8f. erase_root() reformats /cache
111 * 8g. finish_recovery() erases BCB
112 * -- after this, rebooting will (try to) restart the main system --
113 * 9. main() calls reboot() to boot main system
Oscar Montemayor05231562009-11-30 08:40:57 -0800114 *
Oscar Montemayor52219a62010-02-25 16:47:02 -0800115 * SECURE FILE SYSTEMS ENABLE/DISABLE
Oscar Montemayor05231562009-11-30 08:40:57 -0800116 * 1. user selects "enable encrypted file systems"
Oscar Montemayor52219a62010-02-25 16:47:02 -0800117 * 2. main system writes "--set_encrypted_filesystems=on|off" to
Oscar Montemayor05231562009-11-30 08:40:57 -0800118 * /cache/recovery/command
119 * 3. main system reboots into recovery
120 * 4. get_args() writes BCB with "boot-recovery" and
121 * "--set_encrypted_filesystems=on|off"
122 * -- after this, rebooting will restart the transition --
123 * 5. read_encrypted_fs_info() retrieves encrypted file systems settings from /data
124 * Settings include: property to specify the Encrypted FS istatus and
125 * FS encryption key if enabled (not yet implemented)
126 * 6. erase_root() reformats /data
127 * 7. erase_root() reformats /cache
128 * 8. restore_encrypted_fs_info() writes required encrypted file systems settings to /data
129 * Settings include: property to specify the Encrypted FS status and
130 * FS encryption key if enabled (not yet implemented)
131 * 9. finish_recovery() erases BCB
132 * -- after this, rebooting will restart the main system --
133 * 10. main() calls reboot() to boot main system
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800134 */
135
136static const int MAX_ARG_LENGTH = 4096;
137static const int MAX_ARGS = 100;
138
139// open a file given in root:path format, mounting partitions as necessary
140static FILE*
141fopen_root_path(const char *root_path, const char *mode) {
142 if (ensure_root_path_mounted(root_path) != 0) {
143 LOGE("Can't mount %s\n", root_path);
144 return NULL;
145 }
146
147 char path[PATH_MAX] = "";
148 if (translate_root_path(root_path, path, sizeof(path)) == NULL) {
149 LOGE("Bad path %s\n", root_path);
150 return NULL;
151 }
152
153 // When writing, try to create the containing directory, if necessary.
154 // Use generous permissions, the system (init.rc) will reset them.
155 if (strchr("wa", mode[0])) dirCreateHierarchy(path, 0777, NULL, 1);
156
157 FILE *fp = fopen(path, mode);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800158 return fp;
159}
160
161// close a file, log an error if the error indicator is set
162static void
163check_and_fclose(FILE *fp, const char *name) {
164 fflush(fp);
165 if (ferror(fp)) LOGE("Error in %s\n(%s)\n", name, strerror(errno));
166 fclose(fp);
167}
168
169// command line args come from, in decreasing precedence:
170// - the actual command line
171// - the bootloader control block (one per line, after "recovery")
172// - the contents of COMMAND_FILE (one per line)
173static void
174get_args(int *argc, char ***argv) {
175 struct bootloader_message boot;
176 memset(&boot, 0, sizeof(boot));
177 get_bootloader_message(&boot); // this may fail, leaving a zeroed structure
178
179 if (boot.command[0] != 0 && boot.command[0] != 255) {
180 LOGI("Boot command: %.*s\n", sizeof(boot.command), boot.command);
181 }
182
183 if (boot.status[0] != 0 && boot.status[0] != 255) {
184 LOGI("Boot status: %.*s\n", sizeof(boot.status), boot.status);
185 }
186
187 // --- if arguments weren't supplied, look in the bootloader control block
188 if (*argc <= 1) {
189 boot.recovery[sizeof(boot.recovery) - 1] = '\0'; // Ensure termination
190 const char *arg = strtok(boot.recovery, "\n");
191 if (arg != NULL && !strcmp(arg, "recovery")) {
192 *argv = (char **) malloc(sizeof(char *) * MAX_ARGS);
193 (*argv)[0] = strdup(arg);
194 for (*argc = 1; *argc < MAX_ARGS; ++*argc) {
195 if ((arg = strtok(NULL, "\n")) == NULL) break;
196 (*argv)[*argc] = strdup(arg);
197 }
198 LOGI("Got arguments from boot message\n");
199 } else if (boot.recovery[0] != 0 && boot.recovery[0] != 255) {
200 LOGE("Bad boot message\n\"%.20s\"\n", boot.recovery);
201 }
202 }
203
204 // --- if that doesn't work, try the command file
205 if (*argc <= 1) {
206 FILE *fp = fopen_root_path(COMMAND_FILE, "r");
207 if (fp != NULL) {
208 char *argv0 = (*argv)[0];
209 *argv = (char **) malloc(sizeof(char *) * MAX_ARGS);
210 (*argv)[0] = argv0; // use the same program name
211
212 char buf[MAX_ARG_LENGTH];
213 for (*argc = 1; *argc < MAX_ARGS; ++*argc) {
214 if (!fgets(buf, sizeof(buf), fp)) break;
215 (*argv)[*argc] = strdup(strtok(buf, "\r\n")); // Strip newline.
216 }
217
218 check_and_fclose(fp, COMMAND_FILE);
219 LOGI("Got arguments from %s\n", COMMAND_FILE);
220 }
221 }
222
223 // --> write the arguments we have back into the bootloader control block
224 // always boot into recovery after this (until finish_recovery() is called)
225 strlcpy(boot.command, "boot-recovery", sizeof(boot.command));
226 strlcpy(boot.recovery, "recovery\n", sizeof(boot.recovery));
227 int i;
228 for (i = 1; i < *argc; ++i) {
229 strlcat(boot.recovery, (*argv)[i], sizeof(boot.recovery));
230 strlcat(boot.recovery, "\n", sizeof(boot.recovery));
231 }
232 set_bootloader_message(&boot);
233}
234
Doug Zongker34c98df2009-08-18 12:05:45 -0700235static void
Oscar Montemayor05231562009-11-30 08:40:57 -0800236set_sdcard_update_bootloader_message() {
Doug Zongker34c98df2009-08-18 12:05:45 -0700237 struct bootloader_message boot;
238 memset(&boot, 0, sizeof(boot));
239 strlcpy(boot.command, "boot-recovery", sizeof(boot.command));
240 strlcpy(boot.recovery, "recovery\n", sizeof(boot.recovery));
241 set_bootloader_message(&boot);
242}
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800243
244// clear the recovery command and prepare to boot a (hopefully working) system,
245// copy our log file to cache as well (for the system to read), and
246// record any intent we were asked to communicate back to the system.
247// this function is idempotent: call it as many times as you like.
248static void
Oscar Montemayor05231562009-11-30 08:40:57 -0800249finish_recovery(const char *send_intent) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800250 // By this point, we're ready to return to the main system...
251 if (send_intent != NULL) {
252 FILE *fp = fopen_root_path(INTENT_FILE, "w");
Jay Freeman (saurik)619ec2f2008-11-17 01:56:05 +0000253 if (fp == NULL) {
254 LOGE("Can't open %s\n", INTENT_FILE);
255 } else {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800256 fputs(send_intent, fp);
257 check_and_fclose(fp, INTENT_FILE);
258 }
259 }
260
261 // Copy logs to cache so the system can find out what happened.
262 FILE *log = fopen_root_path(LOG_FILE, "a");
Jay Freeman (saurik)619ec2f2008-11-17 01:56:05 +0000263 if (log == NULL) {
264 LOGE("Can't open %s\n", LOG_FILE);
265 } else {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800266 FILE *tmplog = fopen(TEMPORARY_LOG_FILE, "r");
267 if (tmplog == NULL) {
268 LOGE("Can't open %s\n", TEMPORARY_LOG_FILE);
269 } else {
270 static long tmplog_offset = 0;
271 fseek(tmplog, tmplog_offset, SEEK_SET); // Since last write
272 char buf[4096];
273 while (fgets(buf, sizeof(buf), tmplog)) fputs(buf, log);
274 tmplog_offset = ftell(tmplog);
275 check_and_fclose(tmplog, TEMPORARY_LOG_FILE);
276 }
277 check_and_fclose(log, LOG_FILE);
278 }
279
Oscar Montemayor05231562009-11-30 08:40:57 -0800280 // Reset to mormal system boot so recovery won't cycle indefinitely.
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800281 struct bootloader_message boot;
282 memset(&boot, 0, sizeof(boot));
283 set_bootloader_message(&boot);
284
285 // Remove the command file, so recovery won't repeat indefinitely.
286 char path[PATH_MAX] = "";
287 if (ensure_root_path_mounted(COMMAND_FILE) != 0 ||
288 translate_root_path(COMMAND_FILE, path, sizeof(path)) == NULL ||
289 (unlink(path) && errno != ENOENT)) {
290 LOGW("Can't unlink %s\n", COMMAND_FILE);
291 }
292
293 sync(); // For good measure.
294}
295
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800296static int
Oscar Montemayor05231562009-11-30 08:40:57 -0800297erase_root(const char *root) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800298 ui_set_background(BACKGROUND_ICON_INSTALLING);
299 ui_show_indeterminate_progress();
300 ui_print("Formatting %s...\n", root);
301 return format_root_device(root);
302}
303
Doug Zongker23ceeea2010-07-08 17:27:55 -0700304static char*
305copy_sideloaded_package(const char* original_root_path) {
306 if (ensure_root_path_mounted(original_root_path) != 0) {
307 LOGE("Can't mount %s\n", original_root_path);
308 return NULL;
309 }
310
311 char original_path[PATH_MAX] = "";
312 if (translate_root_path(original_root_path, original_path,
313 sizeof(original_path)) == NULL) {
314 LOGE("Bad path %s\n", original_root_path);
315 return NULL;
316 }
317
318 if (ensure_root_path_mounted(SIDELOAD_TEMP_DIR) != 0) {
319 LOGE("Can't mount %s\n", SIDELOAD_TEMP_DIR);
320 return NULL;
321 }
322
323 char copy_path[PATH_MAX] = "";
324 if (translate_root_path(SIDELOAD_TEMP_DIR, copy_path,
325 sizeof(copy_path)) == NULL) {
326 LOGE("Bad path %s\n", SIDELOAD_TEMP_DIR);
327 return NULL;
328 }
329
330 if (mkdir(copy_path, 0700) != 0) {
331 if (errno != EEXIST) {
332 LOGE("Can't mkdir %s (%s)\n", SIDELOAD_TEMP_DIR, strerror(errno));
333 return NULL;
334 }
335 }
336
337 struct stat st;
338 if (stat(copy_path, &st) != 0) {
339 LOGE("failed to stat %s (%s)\n", copy_path, strerror(errno));
340 return NULL;
341 }
342 if (!S_ISDIR(st.st_mode)) {
343 LOGE("%s isn't a directory\n", copy_path);
344 return NULL;
345 }
346 if ((st.st_mode & 0777) != 0700) {
347 LOGE("%s has perms %o\n", copy_path, st.st_mode);
348 return NULL;
349 }
350 if (st.st_uid != 0) {
351 LOGE("%s owned by %lu; not root\n", copy_path, st.st_uid);
352 return NULL;
353 }
354
355 strcat(copy_path, "/package.zip");
356
357 char* buffer = malloc(BUFSIZ);
358 if (buffer == NULL) {
359 LOGE("Failed to allocate buffer\n");
360 return NULL;
361 }
362
363 size_t read;
364 FILE* fin = fopen(original_path, "rb");
365 if (fin == NULL) {
366 LOGE("Failed to open %s (%s)\n", original_path, strerror(errno));
367 return NULL;
368 }
369 FILE* fout = fopen(copy_path, "wb");
370 if (fout == NULL) {
371 LOGE("Failed to open %s (%s)\n", copy_path, strerror(errno));
372 return NULL;
373 }
374
375 while ((read = fread(buffer, 1, BUFSIZ, fin)) > 0) {
376 if (fwrite(buffer, 1, read, fout) != read) {
377 LOGE("Short write of %s (%s)\n", copy_path, strerror(errno));
378 return NULL;
379 }
380 }
381
382 free(buffer);
383
384 if (fclose(fout) != 0) {
385 LOGE("Failed to close %s (%s)\n", copy_path, strerror(errno));
386 return NULL;
387 }
388
389 if (fclose(fin) != 0) {
390 LOGE("Failed to close %s (%s)\n", original_path, strerror(errno));
391 return NULL;
392 }
393
394 // "adb push" is happy to overwrite read-only files when it's
395 // running as root, but we'll try anyway.
396 if (chmod(copy_path, 0400) != 0) {
397 LOGE("Failed to chmod %s (%s)\n", copy_path, strerror(errno));
398 return NULL;
399 }
400
401 char* copy_root_path = malloc(strlen(SIDELOAD_TEMP_DIR) + 20);
402 strcpy(copy_root_path, SIDELOAD_TEMP_DIR);
403 strcat(copy_root_path, "/package.zip");
404 return copy_root_path;
405}
406
Doug Zongkerf93d8162009-09-22 15:16:02 -0700407static char**
408prepend_title(char** headers) {
Doug Zongkerd6837852009-06-17 22:07:13 -0700409 char* title[] = { "Android system recovery <"
Doug Zongker64893cc2009-07-14 16:31:56 -0700410 EXPAND(RECOVERY_API_VERSION) "e>",
Doug Zongkerd6837852009-06-17 22:07:13 -0700411 "",
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800412 NULL };
413
Doug Zongkerd6837852009-06-17 22:07:13 -0700414 // count the number of lines in our title, plus the
Doug Zongkerf93d8162009-09-22 15:16:02 -0700415 // caller-provided headers.
Doug Zongkerd6837852009-06-17 22:07:13 -0700416 int count = 0;
417 char** p;
418 for (p = title; *p; ++p, ++count);
Doug Zongkerf93d8162009-09-22 15:16:02 -0700419 for (p = headers; *p; ++p, ++count);
Doug Zongkerd6837852009-06-17 22:07:13 -0700420
Doug Zongkerf93d8162009-09-22 15:16:02 -0700421 char** new_headers = malloc((count+1) * sizeof(char*));
422 char** h = new_headers;
Doug Zongkerd6837852009-06-17 22:07:13 -0700423 for (p = title; *p; ++p, ++h) *h = *p;
Doug Zongkerf93d8162009-09-22 15:16:02 -0700424 for (p = headers; *p; ++p, ++h) *h = *p;
Doug Zongkerd6837852009-06-17 22:07:13 -0700425 *h = NULL;
426
Doug Zongkerf93d8162009-09-22 15:16:02 -0700427 return new_headers;
428}
429
430static int
431get_menu_selection(char** headers, char** items, int menu_only) {
432 // throw away keys pressed previously, so user doesn't
433 // accidentally trigger menu items.
434 ui_clear_key_queue();
435
436 ui_start_menu(headers, items);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800437 int selected = 0;
438 int chosen_item = -1;
439
Doug Zongkerf93d8162009-09-22 15:16:02 -0700440 while (chosen_item < 0) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800441 int key = ui_wait_key();
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800442 int visible = ui_text_visible();
443
Doug Zongkerddd6a282009-06-09 12:22:33 -0700444 int action = device_handle_key(key, visible);
445
446 if (action < 0) {
447 switch (action) {
448 case HIGHLIGHT_UP:
449 --selected;
450 selected = ui_menu_select(selected);
451 break;
452 case HIGHLIGHT_DOWN:
453 ++selected;
454 selected = ui_menu_select(selected);
455 break;
456 case SELECT_ITEM:
457 chosen_item = selected;
458 break;
459 case NO_ACTION:
460 break;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800461 }
Doug Zongkerf93d8162009-09-22 15:16:02 -0700462 } else if (!menu_only) {
Doug Zongkerddd6a282009-06-09 12:22:33 -0700463 chosen_item = action;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800464 }
Doug Zongkerf93d8162009-09-22 15:16:02 -0700465 }
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800466
Doug Zongkerf93d8162009-09-22 15:16:02 -0700467 ui_end_menu();
468 return chosen_item;
469}
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800470
Doug Zongkerf93d8162009-09-22 15:16:02 -0700471static void
472wipe_data(int confirm) {
473 if (confirm) {
474 static char** title_headers = NULL;
Doug Zongkerddd6a282009-06-09 12:22:33 -0700475
Doug Zongkerf93d8162009-09-22 15:16:02 -0700476 if (title_headers == NULL) {
477 char* headers[] = { "Confirm wipe of all user data?",
478 " THIS CAN NOT BE UNDONE.",
479 "",
480 NULL };
481 title_headers = prepend_title(headers);
482 }
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800483
Doug Zongkerf93d8162009-09-22 15:16:02 -0700484 char* items[] = { " No",
485 " No",
486 " No",
487 " No",
488 " No",
489 " No",
490 " No",
491 " Yes -- delete all user data", // [7]
492 " No",
493 " No",
494 " No",
495 NULL };
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800496
Doug Zongkerf93d8162009-09-22 15:16:02 -0700497 int chosen_item = get_menu_selection(title_headers, items, 1);
498 if (chosen_item != 7) {
499 return;
500 }
501 }
Doug Zongker1066d2c2009-04-01 13:57:40 -0700502
Doug Zongkerf93d8162009-09-22 15:16:02 -0700503 ui_print("\n-- Wiping data...\n");
504 device_wipe_data();
505 erase_root("DATA:");
506 erase_root("CACHE:");
507 ui_print("Data wipe complete.\n");
508}
509
510static void
Oscar Montemayor05231562009-11-30 08:40:57 -0800511prompt_and_wait() {
Doug Zongkerf93d8162009-09-22 15:16:02 -0700512 char** headers = prepend_title(MENU_HEADERS);
513
514 for (;;) {
515 finish_recovery(NULL);
516 ui_reset_progress();
517
518 int chosen_item = get_menu_selection(headers, MENU_ITEMS, 0);
519
520 // device-specific code may take some action here. It may
521 // return one of the core actions handled in the switch
522 // statement below.
523 chosen_item = device_perform_action(chosen_item);
524
525 switch (chosen_item) {
526 case ITEM_REBOOT:
527 return;
528
529 case ITEM_WIPE_DATA:
530 wipe_data(ui_text_visible());
531 if (!ui_text_visible()) return;
532 break;
533
534 case ITEM_WIPE_CACHE:
535 ui_print("\n-- Wiping cache...\n");
536 erase_root("CACHE:");
537 ui_print("Cache wipe complete.\n");
538 if (!ui_text_visible()) return;
539 break;
540
541 case ITEM_APPLY_SDCARD:
542 ui_print("\n-- Install from sdcard...\n");
Doug Zongker23ceeea2010-07-08 17:27:55 -0700543 int status = INSTALL_CORRUPT;
544 char* copy = copy_sideloaded_package(SDCARD_PACKAGE_FILE);
545 if (copy != NULL) {
546 set_sdcard_update_bootloader_message();
547 status = install_package(copy);
548 free(copy);
549 }
Doug Zongkerf93d8162009-09-22 15:16:02 -0700550 if (status != INSTALL_SUCCESS) {
551 ui_set_background(BACKGROUND_ICON_ERROR);
552 ui_print("Installation aborted.\n");
553 } else if (!ui_text_visible()) {
554 return; // reboot if logs aren't visible
555 } else {
Doug Zongkere08991e2010-02-02 13:09:52 -0800556 ui_print("\nInstall from sdcard complete.\n");
Doug Zongkerf93d8162009-09-22 15:16:02 -0700557 }
558 break;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800559 }
560 }
561}
562
563static void
Oscar Montemayor05231562009-11-30 08:40:57 -0800564print_property(const char *key, const char *name, void *cookie) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800565 fprintf(stderr, "%s=%s\n", key, name);
566}
567
568int
Oscar Montemayor05231562009-11-30 08:40:57 -0800569main(int argc, char **argv) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800570 time_t start = time(NULL);
571
572 // If these fail, there's not really anywhere to complain...
573 freopen(TEMPORARY_LOG_FILE, "a", stdout); setbuf(stdout, NULL);
574 freopen(TEMPORARY_LOG_FILE, "a", stderr); setbuf(stderr, NULL);
575 fprintf(stderr, "Starting recovery on %s", ctime(&start));
576
577 ui_init();
578 get_args(&argc, &argv);
579
580 int previous_runs = 0;
581 const char *send_intent = NULL;
582 const char *update_package = NULL;
Oscar Montemayor52219a62010-02-25 16:47:02 -0800583 const char *encrypted_fs_mode = NULL;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800584 int wipe_data = 0, wipe_cache = 0;
Oscar Montemayor52219a62010-02-25 16:47:02 -0800585 int toggle_secure_fs = 0;
586 encrypted_fs_info encrypted_fs_data;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800587
588 int arg;
589 while ((arg = getopt_long(argc, argv, "", OPTIONS, NULL)) != -1) {
590 switch (arg) {
591 case 'p': previous_runs = atoi(optarg); break;
592 case 's': send_intent = optarg; break;
593 case 'u': update_package = optarg; break;
594 case 'w': wipe_data = wipe_cache = 1; break;
595 case 'c': wipe_cache = 1; break;
Oscar Montemayor52219a62010-02-25 16:47:02 -0800596 case 'e': encrypted_fs_mode = optarg; toggle_secure_fs = 1; break;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800597 case '?':
598 LOGE("Invalid command argument\n");
599 continue;
600 }
601 }
602
Doug Zongkerefa1bab2010-02-01 15:59:12 -0800603 device_recovery_start();
604
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800605 fprintf(stderr, "Command:");
606 for (arg = 0; arg < argc; arg++) {
607 fprintf(stderr, " \"%s\"", argv[arg]);
608 }
609 fprintf(stderr, "\n\n");
610
611 property_list(print_property, NULL);
612 fprintf(stderr, "\n");
613
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800614 int status = INSTALL_SUCCESS;
615
Oscar Montemayor52219a62010-02-25 16:47:02 -0800616 if (toggle_secure_fs) {
617 if (strcmp(encrypted_fs_mode,"on") == 0) {
618 encrypted_fs_data.mode = MODE_ENCRYPTED_FS_ENABLED;
Oscar Montemayor05231562009-11-30 08:40:57 -0800619 ui_print("Enabling Encrypted FS.\n");
Oscar Montemayor52219a62010-02-25 16:47:02 -0800620 } else if (strcmp(encrypted_fs_mode,"off") == 0) {
621 encrypted_fs_data.mode = MODE_ENCRYPTED_FS_DISABLED;
Oscar Montemayor05231562009-11-30 08:40:57 -0800622 ui_print("Disabling Encrypted FS.\n");
623 } else {
624 ui_print("Error: invalid Encrypted FS setting.\n");
625 status = INSTALL_ERROR;
626 }
627
628 // Recovery strategy: if the data partition is damaged, disable encrypted file systems.
629 // This preventsthe device recycling endlessly in recovery mode.
Oscar Montemayor52219a62010-02-25 16:47:02 -0800630 if ((encrypted_fs_data.mode == MODE_ENCRYPTED_FS_ENABLED) &&
631 (read_encrypted_fs_info(&encrypted_fs_data))) {
Oscar Montemayor05231562009-11-30 08:40:57 -0800632 ui_print("Encrypted FS change aborted, resetting to disabled state.\n");
Oscar Montemayor52219a62010-02-25 16:47:02 -0800633 encrypted_fs_data.mode = MODE_ENCRYPTED_FS_DISABLED;
Oscar Montemayor05231562009-11-30 08:40:57 -0800634 }
635
636 if (status != INSTALL_ERROR) {
637 if (erase_root("DATA:")) {
638 ui_print("Data wipe failed.\n");
639 status = INSTALL_ERROR;
640 } else if (erase_root("CACHE:")) {
641 ui_print("Cache wipe failed.\n");
642 status = INSTALL_ERROR;
Oscar Montemayor52219a62010-02-25 16:47:02 -0800643 } else if ((encrypted_fs_data.mode == MODE_ENCRYPTED_FS_ENABLED) &&
644 (restore_encrypted_fs_info(&encrypted_fs_data))) {
Oscar Montemayor05231562009-11-30 08:40:57 -0800645 ui_print("Encrypted FS change aborted.\n");
646 status = INSTALL_ERROR;
647 } else {
648 ui_print("Successfully updated Encrypted FS.\n");
649 status = INSTALL_SUCCESS;
650 }
651 }
652 } else if (update_package != NULL) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800653 status = install_package(update_package);
654 if (status != INSTALL_SUCCESS) ui_print("Installation aborted.\n");
Doug Zongkerb128f542009-06-18 15:07:14 -0700655 } else if (wipe_data) {
656 if (device_wipe_data()) status = INSTALL_ERROR;
657 if (erase_root("DATA:")) status = INSTALL_ERROR;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800658 if (wipe_cache && erase_root("CACHE:")) status = INSTALL_ERROR;
659 if (status != INSTALL_SUCCESS) ui_print("Data wipe failed.\n");
Doug Zongkerb128f542009-06-18 15:07:14 -0700660 } else if (wipe_cache) {
661 if (wipe_cache && erase_root("CACHE:")) status = INSTALL_ERROR;
662 if (status != INSTALL_SUCCESS) ui_print("Cache wipe failed.\n");
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800663 } else {
664 status = INSTALL_ERROR; // No command specified
665 }
666
667 if (status != INSTALL_SUCCESS) ui_set_background(BACKGROUND_ICON_ERROR);
668 if (status != INSTALL_SUCCESS || ui_text_visible()) prompt_and_wait();
669
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800670 // Otherwise, get ready to boot the main system...
671 finish_recovery(send_intent);
672 ui_print("Rebooting...\n");
673 sync();
674 reboot(RB_AUTOBOOT);
675 return EXIT_SUCCESS;
676}