Gitiles
Code Review Sign In
review.evervolv.com / android_bootable_recovery / 38058dc13ce2160d8baff52e9adda41bc96a0787 / . / recovery.c
blob: bb4c1be747bfa14b192ea9d44314f21a49599efe [file] [log] [blame]
preludedrew38058dc2011-01-29 23:30:44 -0700[diff] [blame^]1/*
2 * Copyright (C) 2007 The Android Open Source Project
3 * Copyright (c) 2010, Code Aurora Forum. All rights reserved.
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17
18#include <ctype.h>
19#include <errno.h>
20#include <fcntl.h>
21#include <getopt.h>
22#include <limits.h>
23#include <linux/input.h>
24#include <stdio.h>
25#include <stdlib.h>
26#include <string.h>
27#include <sys/reboot.h>
28#include <sys/stat.h>
29#include <sys/types.h>
30#include <time.h>
31#include <unistd.h>
32#include <dirent.h>
33#include <sys/stat.h>
34
35#include "bootloader.h"
36#include "common.h"
37#include "cutils/properties.h"
38#include "install.h"
39#include "minui/minui.h"
40#include "minzip/DirUtil.h"
41#include "roots.h"
42#include "recovery_ui.h"
43#include "encryptedfs_provisioning.h"
44
45#include "extendedcommands.h"
46#include "flashutils/flashutils.h"
47
48static const struct option OPTIONS[] = {
49 { "send_intent", required_argument, NULL, 's' },
50 { "update_package", required_argument, NULL, 'u' },
51 { "wipe_data", no_argument, NULL, 'w' },
52 { "wipe_cache", no_argument, NULL, 'c' },
53 { "set_encrypted_filesystems", required_argument, NULL, 'e' },
54 { "show_text", no_argument, NULL, 't' },
55 { NULL, 0, NULL, 0 },
56};
57
58static const char *COMMAND_FILE = "/cache/recovery/command";
59static const char *INTENT_FILE = "/cache/recovery/intent";
60static const char *LOG_FILE = "/cache/recovery/log";
61static const char *LAST_LOG_FILE = "/cache/recovery/last_log";
62static const char *SDCARD_ROOT = "/sdcard";
63static int allow_display_toggle = 1;
64static const char *SDCARD_PACKAGE_FILE = "/sdcard/update.zip";
65static const char *TEMPORARY_LOG_FILE = "/tmp/recovery.log";
66static const char *SIDELOAD_TEMP_DIR = "/tmp/sideload";
67
68/*
69 * The recovery tool communicates with the main system through /cache files.
70 * /cache/recovery/command - INPUT - command line for tool, one arg per line
71 * /cache/recovery/log - OUTPUT - combined log file from recovery run(s)
72 * /cache/recovery/intent - OUTPUT - intent that was passed in
73 *
74 * The arguments which may be supplied in the recovery.command file:
75 * --send_intent=anystring - write the text out to recovery.intent
76 * --update_package=path - verify install an OTA package file
77 * --wipe_data - erase user data (and cache), then reboot
78 * --wipe_cache - wipe cache (but not user data), then reboot
79 * --set_encrypted_filesystem=on|off - enables / diasables encrypted fs
80 *
81 * After completing, we remove /cache/recovery/command and reboot.
82 * Arguments may also be supplied in the bootloader control block (BCB).
83 * These important scenarios must be safely restartable at any point:
84 *
85 * FACTORY RESET
86 * 1. user selects "factory reset"
87 * 2. main system writes "--wipe_data" to /cache/recovery/command
88 * 3. main system reboots into recovery
89 * 4. get_args() writes BCB with "boot-recovery" and "--wipe_data"
90 * -- after this, rebooting will restart the erase --
91 * 5. erase_volume() reformats /data
92 * 6. erase_volume() reformats /cache
93 * 7. finish_recovery() erases BCB
94 * -- after this, rebooting will restart the main system --
95 * 8. main() calls reboot() to boot main system
96 *
97 * OTA INSTALL
98 * 1. main system downloads OTA package to /cache/some-filename.zip
99 * 2. main system writes "--update_package=/cache/some-filename.zip"
100 * 3. main system reboots into recovery
101 * 4. get_args() writes BCB with "boot-recovery" and "--update_package=..."
102 * -- after this, rebooting will attempt to reinstall the update --
103 * 5. install_package() attempts to install the update
104 * NOTE: the package install must itself be restartable from any point
105 * 6. finish_recovery() erases BCB
106 * -- after this, rebooting will (try to) restart the main system --
107 * 7. ** if install failed **
108 * 7a. prompt_and_wait() shows an error icon and waits for the user
109 * 7b; the user reboots (pulling the battery, etc) into the main system
110 * 8. main() calls maybe_install_firmware_update()
111 * ** if the update contained radio/hboot firmware **:
112 * 8a. m_i_f_u() writes BCB with "boot-recovery" and "--wipe_cache"
113 * -- after this, rebooting will reformat cache & restart main system --
114 * 8b. m_i_f_u() writes firmware image into raw cache partition
115 * 8c. m_i_f_u() writes BCB with "update-radio/hboot" and "--wipe_cache"
116 * -- after this, rebooting will attempt to reinstall firmware --
117 * 8d. bootloader tries to flash firmware
118 * 8e. bootloader writes BCB with "boot-recovery" (keeping "--wipe_cache")
119 * -- after this, rebooting will reformat cache & restart main system --
120 * 8f. erase_volume() reformats /cache
121 * 8g. finish_recovery() erases BCB
122 * -- after this, rebooting will (try to) restart the main system --
123 * 9. main() calls reboot() to boot main system
124 *
125 * SECURE FILE SYSTEMS ENABLE/DISABLE
126 * 1. user selects "enable encrypted file systems"
127 * 2. main system writes "--set_encrypted_filesystems=on|off" to
128 * /cache/recovery/command
129 * 3. main system reboots into recovery
130 * 4. get_args() writes BCB with "boot-recovery" and
131 * "--set_encrypted_filesystems=on|off"
132 * -- after this, rebooting will restart the transition --
133 * 5. read_encrypted_fs_info() retrieves encrypted file systems settings from /data
134 * Settings include: property to specify the Encrypted FS istatus and
135 * FS encryption key if enabled (not yet implemented)
136 * 6. erase_volume() reformats /data
137 * 7. erase_volume() reformats /cache
138 * 8. restore_encrypted_fs_info() writes required encrypted file systems settings to /data
139 * Settings include: property to specify the Encrypted FS status and
140 * FS encryption key if enabled (not yet implemented)
141 * 9. finish_recovery() erases BCB
142 * -- after this, rebooting will restart the main system --
143 * 10. main() calls reboot() to boot main system
144 */
145
146static const int MAX_ARG_LENGTH = 4096;
147static const int MAX_ARGS = 100;
148
149// open a given path, mounting partitions as necessary
150static FILE*
151fopen_path(const char *path, const char *mode) {
152 if (ensure_path_mounted(path) != 0) {
153 LOGE("Can't mount %s\n", path);
154 return NULL;
155 }
156
157 // When writing, try to create the containing directory, if necessary.
158 // Use generous permissions, the system (init.rc) will reset them.
159 if (strchr("wa", mode[0])) dirCreateHierarchy(path, 0777, NULL, 1);
160
161 FILE *fp = fopen(path, mode);
162 if (fp == NULL && path != COMMAND_FILE) LOGE("Can't open %s\n", path);
163 return fp;
164}
165
166// close a file, log an error if the error indicator is set
167static void
168check_and_fclose(FILE *fp, const char *name) {
169 fflush(fp);
170 if (ferror(fp)) LOGE("Error in %s\n(%s)\n", name, strerror(errno));
171 fclose(fp);
172}
173
174// command line args come from, in decreasing precedence:
175// - the actual command line
176// - the bootloader control block (one per line, after "recovery")
177// - the contents of COMMAND_FILE (one per line)
178static void
179get_args(int *argc, char ***argv) {
180 struct bootloader_message boot;
181 memset(&boot, 0, sizeof(boot));
182 if (device_flash_type() == MTD) {
183 get_bootloader_message(&boot); // this may fail, leaving a zeroed structure
184 }
185
186 if (boot.command[0] != 0 && boot.command[0] != 255) {
187 LOGI("Boot command: %.*s\n", sizeof(boot.command), boot.command);
188 }
189
190 if (boot.status[0] != 0 && boot.status[0] != 255) {
191 LOGI("Boot status: %.*s\n", sizeof(boot.status), boot.status);
192 }
193
194 struct stat file_info;
195
196 // --- if arguments weren't supplied, look in the bootloader control block
197 if (*argc <= 1 && 0 != stat("/tmp/.ignorebootmessage", &file_info)) {
198 boot.recovery[sizeof(boot.recovery) - 1] = '\0'; // Ensure termination
199 const char *arg = strtok(boot.recovery, "\n");
200 if (arg != NULL && !strcmp(arg, "recovery")) {
201 *argv = (char **) malloc(sizeof(char *) * MAX_ARGS);
202 (*argv)[0] = strdup(arg);
203 for (*argc = 1; *argc < MAX_ARGS; ++*argc) {
204 if ((arg = strtok(NULL, "\n")) == NULL) break;
205 (*argv)[*argc] = strdup(arg);
206 }
207 LOGI("Got arguments from boot message\n");
208 } else if (boot.recovery[0] != 0 && boot.recovery[0] != 255) {
209 LOGE("Bad boot message\n\"%.20s\"\n", boot.recovery);
210 }
211 }
212
213 // --- if that doesn't work, try the command file
214 if (*argc <= 1) {
215 FILE *fp = fopen_path(COMMAND_FILE, "r");
216 if (fp != NULL) {
217 char *argv0 = (*argv)[0];
218 *argv = (char **) malloc(sizeof(char *) * MAX_ARGS);
219 (*argv)[0] = argv0; // use the same program name
220
221 char buf[MAX_ARG_LENGTH];
222 for (*argc = 1; *argc < MAX_ARGS; ++*argc) {
223 if (!fgets(buf, sizeof(buf), fp)) break;
224 (*argv)[*argc] = strdup(strtok(buf, "\r\n")); // Strip newline.
225 }
226
227 check_and_fclose(fp, COMMAND_FILE);
228 LOGI("Got arguments from %s\n", COMMAND_FILE);
229 }
230 }
231
232 // --> write the arguments we have back into the bootloader control block
233 // always boot into recovery after this (until finish_recovery() is called)
234 strlcpy(boot.command, "boot-recovery", sizeof(boot.command));
235 strlcpy(boot.recovery, "recovery\n", sizeof(boot.recovery));
236 int i;
237 for (i = 1; i < *argc; ++i) {
238 strlcat(boot.recovery, (*argv)[i], sizeof(boot.recovery));
239 strlcat(boot.recovery, "\n", sizeof(boot.recovery));
240 }
241 if (device_flash_type() == MTD) {
242 set_bootloader_message(&boot);
243 }
244}
245
246void
247set_sdcard_update_bootloader_message() {
248 struct bootloader_message boot;
249 memset(&boot, 0, sizeof(boot));
250 strlcpy(boot.command, "boot-recovery", sizeof(boot.command));
251 strlcpy(boot.recovery, "recovery\n", sizeof(boot.recovery));
252 set_bootloader_message(&boot);
253}
254
255// How much of the temp log we have copied to the copy in cache.
256static long tmplog_offset = 0;
257
258static void
259copy_log_file(const char* destination, int append) {
260 FILE *log = fopen_path(destination, append ? "a" : "w");
261 if (log == NULL) {
262 LOGE("Can't open %s\n", destination);
263 } else {
264 FILE *tmplog = fopen(TEMPORARY_LOG_FILE, "r");
265 if (tmplog == NULL) {
266 LOGE("Can't open %s\n", TEMPORARY_LOG_FILE);
267 } else {
268 if (append) {
269 fseek(tmplog, tmplog_offset, SEEK_SET); // Since last write
270 }
271 char buf[4096];
272 while (fgets(buf, sizeof(buf), tmplog)) fputs(buf, log);
273 if (append) {
274 tmplog_offset = ftell(tmplog);
275 }
276 check_and_fclose(tmplog, TEMPORARY_LOG_FILE);
277 }
278 check_and_fclose(log, destination);
279 }
280}
281
282
283// clear the recovery command and prepare to boot a (hopefully working) system,
284// copy our log file to cache as well (for the system to read), and
285// record any intent we were asked to communicate back to the system.
286// this function is idempotent: call it as many times as you like.
287static void
288finish_recovery(const char *send_intent) {
289 // By this point, we're ready to return to the main system...
290 if (send_intent != NULL) {
291 FILE *fp = fopen_path(INTENT_FILE, "w");
292 if (fp == NULL) {
293 LOGE("Can't open %s\n", INTENT_FILE);
294 } else {
295 fputs(send_intent, fp);
296 check_and_fclose(fp, INTENT_FILE);
297 }
298 }
299
300 // Copy logs to cache so the system can find out what happened.
301 copy_log_file(LOG_FILE, true);
302 copy_log_file(LAST_LOG_FILE, false);
303 chmod(LAST_LOG_FILE, 0640);
304
305 if (device_flash_type() == MTD) {
306 // Reset to mormal system boot so recovery won't cycle indefinitely.
307 struct bootloader_message boot;
308 memset(&boot, 0, sizeof(boot));
309 set_bootloader_message(&boot);
310 }
311
312 // Remove the command file, so recovery won't repeat indefinitely.
313 if (ensure_path_mounted(COMMAND_FILE) != 0 ||
314 (unlink(COMMAND_FILE) && errno != ENOENT)) {
315 LOGW("Can't unlink %s\n", COMMAND_FILE);
316 }
317
318 sync(); // For good measure.
319}
320
321static int
322erase_volume(const char *volume) {
323 ui_set_background(BACKGROUND_ICON_INSTALLING);
324 ui_show_indeterminate_progress();
325 ui_print("Formatting %s...\n", volume);
326
327 if (strcmp(volume, "/cache") == 0) {
328 // Any part of the log we'd copied to cache is now gone.
329 // Reset the pointer so we copy from the beginning of the temp
330 // log.
331 tmplog_offset = 0;
332 }
333
334 return format_volume(volume);
335}
336
337static char*
338copy_sideloaded_package(const char* original_path) {
339 if (ensure_path_mounted(original_path) != 0) {
340 LOGE("Can't mount %s\n", original_path);
341 return NULL;
342 }
343
344 if (ensure_path_mounted(SIDELOAD_TEMP_DIR) != 0) {
345 LOGE("Can't mount %s\n", SIDELOAD_TEMP_DIR);
346 return NULL;
347 }
348
349 if (mkdir(SIDELOAD_TEMP_DIR, 0700) != 0) {
350 if (errno != EEXIST) {
351 LOGE("Can't mkdir %s (%s)\n", SIDELOAD_TEMP_DIR, strerror(errno));
352 return NULL;
353 }
354 }
355
356 // verify that SIDELOAD_TEMP_DIR is exactly what we expect: a
357 // directory, owned by root, readable and writable only by root.
358 struct stat st;
359 if (stat(SIDELOAD_TEMP_DIR, &st) != 0) {
360 LOGE("failed to stat %s (%s)\n", SIDELOAD_TEMP_DIR, strerror(errno));
361 return NULL;
362 }
363 if (!S_ISDIR(st.st_mode)) {
364 LOGE("%s isn't a directory\n", SIDELOAD_TEMP_DIR);
365 return NULL;
366 }
367 if ((st.st_mode & 0777) != 0700) {
368 LOGE("%s has perms %o\n", SIDELOAD_TEMP_DIR, st.st_mode);
369 return NULL;
370 }
371 if (st.st_uid != 0) {
372 LOGE("%s owned by %lu; not root\n", SIDELOAD_TEMP_DIR, st.st_uid);
373 return NULL;
374 }
375
376 char copy_path[PATH_MAX];
377 strcpy(copy_path, SIDELOAD_TEMP_DIR);
378 strcat(copy_path, "/package.zip");
379
380 char* buffer = malloc(BUFSIZ);
381 if (buffer == NULL) {
382 LOGE("Failed to allocate buffer\n");
383 return NULL;
384 }
385
386 size_t read;
387 FILE* fin = fopen(original_path, "rb");
388 if (fin == NULL) {
389 LOGE("Failed to open %s (%s)\n", original_path, strerror(errno));
390 return NULL;
391 }
392 FILE* fout = fopen(copy_path, "wb");
393 if (fout == NULL) {
394 LOGE("Failed to open %s (%s)\n", copy_path, strerror(errno));
395 return NULL;
396 }
397
398 while ((read = fread(buffer, 1, BUFSIZ, fin)) > 0) {
399 if (fwrite(buffer, 1, read, fout) != read) {
400 LOGE("Short write of %s (%s)\n", copy_path, strerror(errno));
401 return NULL;
402 }
403 }
404
405 free(buffer);
406
407 if (fclose(fout) != 0) {
408 LOGE("Failed to close %s (%s)\n", copy_path, strerror(errno));
409 return NULL;
410 }
411
412 if (fclose(fin) != 0) {
413 LOGE("Failed to close %s (%s)\n", original_path, strerror(errno));
414 return NULL;
415 }
416
417 // "adb push" is happy to overwrite read-only files when it's
418 // running as root, but we'll try anyway.
419 if (chmod(copy_path, 0400) != 0) {
420 LOGE("Failed to chmod %s (%s)\n", copy_path, strerror(errno));
421 return NULL;
422 }
423
424 return strdup(copy_path);
425}
426
427static char**
428prepend_title(char** headers) {
429 char* title[] = { EXPAND(RECOVERY_VERSION),
430 "",
431 NULL };
432
433 // count the number of lines in our title, plus the
434 // caller-provided headers.
435 int count = 0;
436 char** p;
437 for (p = title; *p; ++p, ++count);
438 for (p = headers; *p; ++p, ++count);
439
440 char** new_headers = malloc((count+1) * sizeof(char*));
441 char** h = new_headers;
442 for (p = title; *p; ++p, ++h) *h = *p;
443 for (p = headers; *p; ++p, ++h) *h = *p;
444 *h = NULL;
445
446 return new_headers;
447}
448
449int
450get_menu_selection(char** headers, char** items, int menu_only,
451 int initial_selection) {
452 // throw away keys pressed previously, so user doesn't
453 // accidentally trigger menu items.
454 ui_clear_key_queue();
455
456 int item_count = ui_start_menu(headers, items, initial_selection);
457 int selected = initial_selection;
458 int chosen_item = -1;
459
460 // Some users with dead enter keys need a way to turn on power to select.
461 // Jiggering across the wrapping menu is one "secret" way to enable it.
462 // We can't rely on /cache or /sdcard since they may not be available.
463 int wrap_count = 0;
464
465 while (chosen_item < 0 && chosen_item != GO_BACK) {
466 int key = ui_wait_key();
467 int visible = ui_text_visible();
468
469 int action = device_handle_key(key, visible);
470
471 int old_selected = selected;
472
473 if (action < 0) {
474 switch (action) {
475 case HIGHLIGHT_UP:
476 --selected;
477 selected = ui_menu_select(selected);
478 break;
479 case HIGHLIGHT_DOWN:
480 ++selected;
481 selected = ui_menu_select(selected);
482 break;
483 case SELECT_ITEM:
484 chosen_item = selected;
485 if (ui_get_showing_back_button()) {
486 if (chosen_item == item_count) {
487 chosen_item = GO_BACK;
488 }
489 }
490 break;
491 case NO_ACTION:
492 break;
493 case GO_BACK:
494 chosen_item = GO_BACK;
495 break;
496 }
497 } else if (!menu_only) {
498 chosen_item = action;
499 }
500
501 if (abs(selected - old_selected) > 1) {
502 wrap_count++;
503 if (wrap_count == 3) {
504 wrap_count = 0;
505 if (ui_get_showing_back_button()) {
506 ui_print("Back menu button disabled.\n");
507 ui_set_showing_back_button(0);
508 }
509 else {
510 ui_print("Back menu button enabled.\n");
511 ui_set_showing_back_button(1);
512 }
513 }
514 }
515 }
516
517 ui_end_menu();
518 ui_clear_key_queue();
519 return chosen_item;
520}
521
522static int compare_string(const void* a, const void* b) {
523 return strcmp(*(const char**)a, *(const char**)b);
524}
525
526static int
527sdcard_directory(const char* path) {
528 ensure_path_mounted(SDCARD_ROOT);
529
530 const char* MENU_HEADERS[] = { "Choose a package to install:",
531 path,
532 "",
533 NULL };
534 DIR* d;
535 struct dirent* de;
536 d = opendir(path);
537 if (d == NULL) {
538 LOGE("error opening %s: %s\n", path, strerror(errno));
539 ensure_path_unmounted(SDCARD_ROOT);
540 return 0;
541 }
542
543 char** headers = prepend_title(MENU_HEADERS);
544
545 int d_size = 0;
546 int d_alloc = 10;
547 char** dirs = malloc(d_alloc * sizeof(char*));
548 int z_size = 1;
549 int z_alloc = 10;
550 char** zips = malloc(z_alloc * sizeof(char*));
551 zips[0] = strdup("../");
552
553 while ((de = readdir(d)) != NULL) {
554 int name_len = strlen(de->d_name);
555
556 if (de->d_type == DT_DIR) {
557 // skip "." and ".." entries
558 if (name_len == 1 && de->d_name[0] == '.') continue;
559 if (name_len == 2 && de->d_name[0] == '.' &&
560 de->d_name[1] == '.') continue;
561
562 if (d_size >= d_alloc) {
563 d_alloc *= 2;
564 dirs = realloc(dirs, d_alloc * sizeof(char*));
565 }
566 dirs[d_size] = malloc(name_len + 2);
567 strcpy(dirs[d_size], de->d_name);
568 dirs[d_size][name_len] = '/';
569 dirs[d_size][name_len+1] = '\0';
570 ++d_size;
571 } else if (de->d_type == DT_REG &&
572 name_len >= 4 &&
573 strncasecmp(de->d_name + (name_len-4), ".zip", 4) == 0) {
574 if (z_size >= z_alloc) {
575 z_alloc *= 2;
576 zips = realloc(zips, z_alloc * sizeof(char*));
577 }
578 zips[z_size++] = strdup(de->d_name);
579 }
580 }
581 closedir(d);
582
583 qsort(dirs, d_size, sizeof(char*), compare_string);
584 qsort(zips, z_size, sizeof(char*), compare_string);
585
586 // append dirs to the zips list
587 if (d_size + z_size + 1 > z_alloc) {
588 z_alloc = d_size + z_size + 1;
589 zips = realloc(zips, z_alloc * sizeof(char*));
590 }
591 memcpy(zips + z_size, dirs, d_size * sizeof(char*));
592 free(dirs);
593 z_size += d_size;
594 zips[z_size] = NULL;
595
596 int result;
597 int chosen_item = 0;
598 do {
599 chosen_item = get_menu_selection(headers, zips, 1, chosen_item);
600
601 char* item = zips[chosen_item];
602 int item_len = strlen(item);
603 if (chosen_item == 0) { // item 0 is always "../"
604 // go up but continue browsing (if the caller is sdcard_directory)
605 result = -1;
606 break;
607 } else if (item[item_len-1] == '/') {
608 // recurse down into a subdirectory
609 char new_path[PATH_MAX];
610 strlcpy(new_path, path, PATH_MAX);
611 strlcat(new_path, "/", PATH_MAX);
612 strlcat(new_path, item, PATH_MAX);
613 new_path[strlen(new_path)-1] = '\0'; // truncate the trailing '/'
614 result = sdcard_directory(new_path);
615 if (result >= 0) break;
616 } else {
617 // selected a zip file: attempt to install it, and return
618 // the status to the caller.
619 char new_path[PATH_MAX];
620 strlcpy(new_path, path, PATH_MAX);
621 strlcat(new_path, "/", PATH_MAX);
622 strlcat(new_path, item, PATH_MAX);
623
624 ui_print("\n-- Install %s ...\n", path);
625 set_sdcard_update_bootloader_message();
626 char* copy = copy_sideloaded_package(new_path);
627 ensure_path_unmounted(SDCARD_ROOT);
628 if (copy) {
629 result = install_package(copy);
630 free(copy);
631 } else {
632 result = INSTALL_ERROR;
633 }
634 break;
635 }
636 } while (true);
637
638 int i;
639 for (i = 0; i < z_size; ++i) free(zips[i]);
640 free(zips);
641 free(headers);
642
643 ensure_path_unmounted(SDCARD_ROOT);
644 return result;
645}
646
647static void
648wipe_data(int confirm) {
649 if (confirm) {
650 static char** title_headers = NULL;
651
652 if (title_headers == NULL) {
653 char* headers[] = { "Confirm wipe of all user data?",
654 " THIS CAN NOT BE UNDONE.",
655 "",
656 NULL };
657 title_headers = prepend_title((const char**)headers);
658 }
659
660 char* items[] = { " No",
661 " No",
662 " No",
663 " No",
664 " No",
665 " No",
666 " No",
667 " Yes -- delete all user data", // [7]
668 " No",
669 " No",
670 " No",
671 NULL };
672
673 int chosen_item = get_menu_selection(title_headers, items, 1, 0);
674 if (chosen_item != 7) {
675 return;
676 }
677 }
678
679 ui_print("\n-- Wiping data...\n");
680 device_wipe_data();
681 erase_volume("/data");
682 erase_volume("/cache");
683 if (has_datadata()) {
684 erase_volume("/datadata");
685 }
686 erase_volume("/sd-ext");
687 erase_volume("/sdcard/.android_secure");
688 ui_print("Data wipe complete.\n");
689}
690
691static void
692prompt_and_wait() {
693 char** headers = prepend_title((const char**)MENU_HEADERS);
694
695 for (;;) {
696 finish_recovery(NULL);
697 ui_reset_progress();
698
699 allow_display_toggle = 1;
700 int chosen_item = get_menu_selection(headers, MENU_ITEMS, 0, 0);
701 allow_display_toggle = 0;
702
703 // device-specific code may take some action here. It may
704 // return one of the core actions handled in the switch
705 // statement below.
706 chosen_item = device_perform_action(chosen_item);
707
708 switch (chosen_item) {
709 case ITEM_REBOOT:
710 return;
711
712 case ITEM_WIPE_DATA:
713 wipe_data(ui_text_visible());
714 if (!ui_text_visible()) return;
715 break;
716
717 case ITEM_WIPE_CACHE:
718 if (confirm_selection("Confirm wipe?", "Yes - Wipe Cache"))
719 {
720 ui_print("\n-- Wiping cache...\n");
721 erase_volume("/cache");
722 ui_print("Cache wipe complete.\n");
723 if (!ui_text_visible()) return;
724 }
725 break;
726
727 case ITEM_APPLY_SDCARD:
728 if (confirm_selection("Confirm install?", "Yes - Install /sdcard/update.zip"))
729 {
730 ui_print("\n-- Install from sdcard...\n");
731 int status = install_package(SDCARD_PACKAGE_FILE);
732 if (status != INSTALL_SUCCESS) {
733 ui_set_background(BACKGROUND_ICON_ERROR);
734 ui_print("Installation aborted.\n");
735 } else if (!ui_text_visible()) {
736 return; // reboot if logs aren't visible
737 } else {
738 ui_print("\nInstall from sdcard complete.\n");
739 }
740 }
741 break;
742 case ITEM_INSTALL_ZIP:
743 show_install_update_menu();
744 break;
745 case ITEM_NANDROID:
746 show_nandroid_menu();
747 break;
748 case ITEM_PARTITION:
749 show_partition_menu();
750 break;
751 case ITEM_ADVANCED:
752 show_advanced_menu();
753 break;
754 }
755 }
756}
757
758static void
759print_property(const char *key, const char *name, void *cookie) {
760 printf("%s=%s\n", key, name);
761}
762
763int
764main(int argc, char **argv) {
765 if (strstr(argv[0], "recovery") == NULL)
766 {
767 if (strstr(argv[0], "flash_image") != NULL)
768 return flash_image_main(argc, argv);
769 if (strstr(argv[0], "volume") != NULL)
770 return volume_main(argc, argv);
771 if (strstr(argv[0], "edify") != NULL)
772 return edify_main(argc, argv);
773 if (strstr(argv[0], "dump_image") != NULL)
774 return dump_image_main(argc, argv);
775 if (strstr(argv[0], "erase_image") != NULL)
776 return erase_image_main(argc, argv);
777 if (strstr(argv[0], "mkyaffs2image") != NULL)
778 return mkyaffs2image_main(argc, argv);
779 if (strstr(argv[0], "unyaffs") != NULL)
780 return unyaffs_main(argc, argv);
781 if (strstr(argv[0], "nandroid"))
782 return nandroid_main(argc, argv);
783 if (strstr(argv[0], "reboot"))
784 return reboot_main(argc, argv);
785 if (strstr(argv[0], "setprop"))
786 return setprop_main(argc, argv);
787 return busybox_driver(argc, argv);
788 }
789 handle_chargemode();
790 __system("/sbin/postrecoveryboot.sh");
791
792 int is_user_initiated_recovery = 0;
793 time_t start = time(NULL);
794
795 // If these fail, there's not really anywhere to complain...
796 freopen(TEMPORARY_LOG_FILE, "a", stdout); setbuf(stdout, NULL);
797 freopen(TEMPORARY_LOG_FILE, "a", stderr); setbuf(stderr, NULL);
798 printf("Starting recovery on %s", ctime(&start));
799
800 ui_init();
801 ui_print(EXPAND(RECOVERY_VERSION)"\n");
802 load_volume_table();
803 process_volumes();
804 LOGI("Processing arguments.\n");
805 get_args(&argc, &argv);
806
807 int previous_runs = 0;
808 const char *send_intent = NULL;
809 const char *update_package = NULL;
810 const char *encrypted_fs_mode = NULL;
811 int wipe_data = 0, wipe_cache = 0;
812 int toggle_secure_fs = 0;
813 encrypted_fs_info encrypted_fs_data;
814
815 LOGI("Checking arguments.\n");
816 int arg;
817 while ((arg = getopt_long(argc, argv, "", OPTIONS, NULL)) != -1) {
818 switch (arg) {
819 case 'p': previous_runs = atoi(optarg); break;
820 case 's': send_intent = optarg; break;
821 case 'u': update_package = optarg; break;
822 case 'w': wipe_data = wipe_cache = 1; break;
823 case 'c': wipe_cache = 1; break;
824 case 'e': encrypted_fs_mode = optarg; toggle_secure_fs = 1; break;
825 case 't': ui_show_text(1); break;
826 case '?':
827 LOGE("Invalid command argument\n");
828 continue;
829 }
830 }
831
832 LOGI("device_recovery_start()\n");
833 device_recovery_start();
834
835 printf("Command:");
836 for (arg = 0; arg < argc; arg++) {
837 printf(" \"%s\"", argv[arg]);
838 }
839 printf("\n");
840
841 if (update_package) {
842 // For backwards compatibility on the cache partition only, if
843 // we're given an old 'root' path "CACHE:foo", change it to
844 // "/cache/foo".
845 if (strncmp(update_package, "CACHE:", 6) == 0) {
846 int len = strlen(update_package) + 10;
847 char* modified_path = malloc(len);
848 strlcpy(modified_path, "/cache/", len);
849 strlcat(modified_path, update_package+6, len);
850 printf("(replacing path \"%s\" with \"%s\")\n",
851 update_package, modified_path);
852 update_package = modified_path;
853 }
854 }
855 printf("\n");
856
857 property_list(print_property, NULL);
858 printf("\n");
859
860 int status = INSTALL_SUCCESS;
861
862 if (toggle_secure_fs) {
863 if (strcmp(encrypted_fs_mode,"on") == 0) {
864 encrypted_fs_data.mode = MODE_ENCRYPTED_FS_ENABLED;
865 ui_print("Enabling Encrypted FS.\n");
866 } else if (strcmp(encrypted_fs_mode,"off") == 0) {
867 encrypted_fs_data.mode = MODE_ENCRYPTED_FS_DISABLED;
868 ui_print("Disabling Encrypted FS.\n");
869 } else {
870 ui_print("Error: invalid Encrypted FS setting.\n");
871 status = INSTALL_ERROR;
872 }
873
874 // Recovery strategy: if the data partition is damaged, disable encrypted file systems.
875 // This preventsthe device recycling endlessly in recovery mode.
876 if ((encrypted_fs_data.mode == MODE_ENCRYPTED_FS_ENABLED) &&
877 (read_encrypted_fs_info(&encrypted_fs_data))) {
878 ui_print("Encrypted FS change aborted, resetting to disabled state.\n");
879 encrypted_fs_data.mode = MODE_ENCRYPTED_FS_DISABLED;
880 }
881
882 if (status != INSTALL_ERROR) {
883 if (erase_volume("/data")) {
884 ui_print("Data wipe failed.\n");
885 status = INSTALL_ERROR;
886 } else if (erase_volume("/cache")) {
887 ui_print("Cache wipe failed.\n");
888 status = INSTALL_ERROR;
889 } else if ((encrypted_fs_data.mode == MODE_ENCRYPTED_FS_ENABLED) &&
890 (restore_encrypted_fs_info(&encrypted_fs_data))) {
891 ui_print("Encrypted FS change aborted.\n");
892 status = INSTALL_ERROR;
893 } else {
894 ui_print("Successfully updated Encrypted FS.\n");
895 status = INSTALL_SUCCESS;
896 }
897 }
898 } else if (update_package != NULL) {
899 status = install_package(update_package);
900 if (status != INSTALL_SUCCESS) ui_print("Installation aborted.\n");
901 } else if (wipe_data) {
902 if (device_wipe_data()) status = INSTALL_ERROR;
903 if (erase_volume("/data")) status = INSTALL_ERROR;
904 if (wipe_cache && erase_volume("/cache")) status = INSTALL_ERROR;
905 if (status != INSTALL_SUCCESS) ui_print("Data wipe failed.\n");
906 } else if (wipe_cache) {
907 if (wipe_cache && erase_volume("/cache")) status = INSTALL_ERROR;
908 if (status != INSTALL_SUCCESS) ui_print("Cache wipe failed.\n");
909 } else {
910 LOGI("Checking for extendedcommand...\n");
911 status = INSTALL_ERROR; // No command specified
912 // we are starting up in user initiated recovery here
913 // let's set up some default options
914 signature_check_enabled = 0;
915 script_assert_enabled = 0;
916 is_user_initiated_recovery = 1;
917 ui_set_show_text(1);
918 ui_set_background(BACKGROUND_ICON_CLOCKWORK);
919
920 if (extendedcommand_file_exists()) {
921 LOGI("Running extendedcommand...\n");
922 int ret;
923 if (0 == (ret = run_and_remove_extendedcommand())) {
924 status = INSTALL_SUCCESS;
925 ui_set_show_text(0);
926 }
927 else {
928 handle_failure(ret);
929 }
930 } else {
931 LOGI("Skipping execution of extendedcommand, file not found...\n");
932 }
933 }
934
935 if (status != INSTALL_SUCCESS && !is_user_initiated_recovery) ui_set_background(BACKGROUND_ICON_ERROR);
936 if (status != INSTALL_SUCCESS || ui_text_visible()) {
937 prompt_and_wait();
938 }
939
940 // Otherwise, get ready to boot the main system...
941 finish_recovery(send_intent);
942 ui_print("Rebooting...\n");
943 sync();
944 reboot(RB_AUTOBOOT);
945 return EXIT_SUCCESS;
946}
947
948int get_allow_toggle_display() {
949 return allow_display_toggle;
950}