)]}' { "commit": "075ad800c539503d0515e5e0b4af160eccedead9", "tree": "0fa4e4f99556393317ae486eb66aeb3cbad220df", "parents": [ "e8d7dd4ed1a372cb9bf67a1f7ff55aaa3e152053" ], "author": { "name": "Doug Zongker", "email": "dougz@google.com", "time": "Thu Jun 26 15:35:51 2014 -0700" }, "committer": { "name": "Doug Zongker", "email": "dougz@google.com", "time": "Wed Jul 02 12:16:36 2014 -0700" }, "message": "sideload without holding the whole package in RAM\n\nImplement a new method of sideloading over ADB that does not require\nthe entire package to be held in RAM (useful for low-RAM devices and\ndevices using block OTA where we\u0027d rather have more RAM available for\nbinary patching).\n\nWe communicate with the host using a new adb service called\n\"sideload-host\", which makes the host act as a server, sending us\ndifferent parts of the package file on request.\n\nWe create a FUSE filesystem that creates a virtual file\n\"/sideload/package.zip\" that is backed by the ADB connection -- users\nsee a normal file, but when they read from the file we\u0027re actually\nfetching the data from the adb host. This file is then passed to the\nverification and installation systems like any other.\n\nTo prevent a malicious adb host implementation from serving different\ndata to the verification and installation phases of sideloading, the\nFUSE filesystem verifies that the contents of the file don\u0027t change\nbetween reads -- every time we fetch a block from the host we compare\nits hash to the previous hash for that block (if it was read before)\nand cause the read to fail if it changes.\n\nOne necessary change is that the minadbd started by recovery in\nsideload mode no longer drops its root privileges (they\u0027re needed to\nmount the FUSE filesystem). We rely on SELinux enforcement to\nrestrict the set of things that can be accessed.\n\nChange-Id: Ida7dbd3b04c1d4e27a2779d88c1da0c7c81fb114\n", "tree_diff": [ { "type": "modify", "old_id": "a226ea571e761bbff80777efff97c990d946ebca", "old_mode": 33188, "old_path": "adb_install.cpp", "new_id": "fb7860c9b05b738a75a18a943a0eed469f04edcc", "new_mode": 33188, "new_path": "adb_install.cpp" }, { "type": "modify", "old_id": "effb6449a4c06c2754562ceb08048212fc2a0e69", "old_mode": 33188, "old_path": "etc/init.rc", "new_id": "1b402e20dda506d82e8e8e947377ffb99a57ec74", "new_mode": 33188, "new_path": "etc/init.rc" }, { "type": "modify", "old_id": "0f059602a461946cc3cdd3452dc27cba3130b95a", "old_mode": 33188, "old_path": "install.cpp", "new_id": "9db5640a0670587807cd450bbcacd5fb90175d53", "new_mode": 33188, "new_path": "install.cpp" }, { "type": "modify", "old_id": "2ada529ef6cf99a3acfaa1caa8cb621bacd3ae7f", "old_mode": 33188, "old_path": "install.h", "new_id": "53c0d312b07002e3d9c2a776d00c8edda3c93a7a", "new_mode": 33188, "new_path": "install.h" }, { "type": "modify", "old_id": "5a4de682834015580dee27f9aa6482501ca785a8", "old_mode": 33188, "old_path": "minadbd/Android.mk", "new_id": "b5fb8448ad77e1e533194be58663372ca32ae98a", "new_mode": 33188, "new_path": "minadbd/Android.mk" }, { "type": "modify", "old_id": "7291b4bd51af744152eea4c2a28eeb498170fea8", "old_mode": 33188, "old_path": "minadbd/adb.c", "new_id": "127d072be94dc9c8f7182d0638fd3080c8850f89", "new_mode": 33188, "new_path": "minadbd/adb.c" }, { "type": "modify", "old_id": "d389165ae25c03731915afc077adfa9935b9f082", "old_mode": 33188, "old_path": "minadbd/adb.h", "new_id": "770f34d19b14be0a3c17ac419ec040595a6288f4", "new_mode": 33188, "new_path": "minadbd/adb.h" }, { "type": "add", "old_id": "0000000000000000000000000000000000000000", "old_mode": 0, "old_path": "/dev/null", "new_id": "def068e556e529f6fad2e3d772814a140212ed7f", "new_mode": 33188, "new_path": "minadbd/fuse_sideload.c" }, { "type": "add", "old_id": "0000000000000000000000000000000000000000", "old_mode": 0, "old_path": "/dev/null", "new_id": "caeeec757cd3fa90dcf4c7781d0d1a3d4d0ccabf", "new_mode": 33188, "new_path": "minadbd/fuse_sideload.h" }, { "type": "modify", "old_id": "752b33e828e3d41aa849986b3899e88eb1bc9c77", "old_mode": 33188, "old_path": "minadbd/services.c", "new_id": "bf57dc372a9639d4040cf416a195850f7f95da2b", "new_mode": 33188, "new_path": "minadbd/services.c" }, { "type": "modify", "old_id": "09af5f8b176eafcbc79a7e3eac3b1b74b3a43094", "old_mode": 33188, "old_path": "recovery.cpp", "new_id": "5a2715cb87dce527d6e65cbdb998b73e765eb54f", "new_mode": 33188, "new_path": "recovery.cpp" } ] }