Merge "Revert "Error correction: Use libfec in fs_mgr""
diff --git a/fs_mgr/Android.mk b/fs_mgr/Android.mk
index b45703a..b47199f 100644
--- a/fs_mgr/Android.mk
+++ b/fs_mgr/Android.mk
@@ -1,59 +1,49 @@
# Copyright 2011 The Android Open Source Project
LOCAL_PATH:= $(call my-dir)
-
-common_static_libraries := \
- liblogwrap \
- libfec \
- libfec_rs \
- libbase \
- libmincrypt \
- libcrypto_static \
- libext4_utils_static \
- libsquashfs_utils
-
include $(CLEAR_VARS)
-LOCAL_CLANG := true
-LOCAL_SANITIZE := integer
-LOCAL_SRC_FILES:= \
- fs_mgr.c \
- fs_mgr_format.c \
- fs_mgr_fstab.c \
- fs_mgr_slotselect.c \
- fs_mgr_verity.cpp
-LOCAL_C_INCLUDES := \
- $(LOCAL_PATH)/include \
+
+LOCAL_SRC_FILES:= fs_mgr.c fs_mgr_verity.cpp fs_mgr_fstab.c
+LOCAL_SRC_FILES += fs_mgr_format.c fs_mgr_slotselect.c
+
+LOCAL_C_INCLUDES := $(LOCAL_PATH)/include \
system/vold \
system/extras/ext4_utils \
- external/openssl/include \
- bootable/recovery
+ external/openssl/include
+
LOCAL_MODULE:= libfs_mgr
-LOCAL_STATIC_LIBRARIES := $(common_static_libraries)
+LOCAL_STATIC_LIBRARIES := liblogwrap libmincrypt libext4_utils_static libsquashfs_utils libbase
+LOCAL_C_INCLUDES += system/extras/ext4_utils system/extras/squashfs_utils \
+ bootable/recovery
LOCAL_EXPORT_C_INCLUDE_DIRS := $(LOCAL_PATH)/include
LOCAL_CFLAGS := -Werror
+
ifneq (,$(filter userdebug,$(TARGET_BUILD_VARIANT)))
LOCAL_CFLAGS += -DALLOW_ADBD_DISABLE_VERITY=1
endif
+
include $(BUILD_STATIC_LIBRARY)
+
+
include $(CLEAR_VARS)
-LOCAL_CLANG := true
-LOCAL_SANITIZE := integer
+
LOCAL_SRC_FILES:= fs_mgr_main.c
+
LOCAL_C_INCLUDES := $(LOCAL_PATH)/include
+
LOCAL_MODULE:= fs_mgr
+
LOCAL_MODULE_TAGS := optional
LOCAL_FORCE_STATIC_EXECUTABLE := true
LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)/sbin
LOCAL_UNSTRIPPED_PATH := $(TARGET_ROOT_OUT_UNSTRIPPED)
-LOCAL_STATIC_LIBRARIES := $(common_static_libraries) \
- libfs_mgr \
- libcutils \
- liblog \
- libc \
- libsparse_static \
- libz \
- libselinux
+
+LOCAL_STATIC_LIBRARIES := libfs_mgr liblogwrap libcutils liblog libc libmincrypt libext4_utils_static libsquashfs_utils libbase
+LOCAL_STATIC_LIBRARIES += libsparse_static libz libselinux
LOCAL_CXX_STL := libc++_static
+
LOCAL_CFLAGS := -Werror
+
include $(BUILD_EXECUTABLE)
+
diff --git a/fs_mgr/fs_mgr_verity.cpp b/fs_mgr/fs_mgr_verity.cpp
index c358982..8f7c6a2 100644
--- a/fs_mgr/fs_mgr_verity.cpp
+++ b/fs_mgr/fs_mgr_verity.cpp
@@ -38,7 +38,8 @@
#include "mincrypt/sha.h"
#include "mincrypt/sha256.h"
-#include "fec/io.h"
+#include "ext4_sb.h"
+#include "squashfs_utils.h"
#include "fs_mgr.h"
#include "fs_mgr_priv.h"
@@ -46,19 +47,11 @@
#define FSTAB_PREFIX "/fstab."
+#define VERITY_METADATA_SIZE 32768
#define VERITY_TABLE_RSA_KEY "/verity_key"
#define VERITY_TABLE_HASH_IDX 8
#define VERITY_TABLE_SALT_IDX 9
-#define VERITY_TABLE_OPT_RESTART "restart_on_corruption"
-#define VERITY_TABLE_OPT_LOGGING "ignore_corruption"
-#define VERITY_TABLE_OPT_IGNZERO "ignore_zero_blocks"
-
-#define VERITY_TABLE_OPT_FEC_FORMAT \
- "use_fec_from_device %s fec_start %" PRIu64 " fec_blocks %" PRIu64 \
- " fec_roots %u " VERITY_TABLE_OPT_IGNZERO
-#define VERITY_TABLE_OPT_FEC_ARGS 9
-
#define METADATA_MAGIC 0x01564c54
#define METADATA_TAG_MAX_LENGTH 63
#define METADATA_EOD "eod"
@@ -99,7 +92,7 @@
}
if (!fread(key, sizeof(*key), 1, f)) {
- ERROR("Could not read key!\n");
+ ERROR("Could not read key!");
fclose(f);
free(key);
return NULL;
@@ -116,8 +109,7 @@
return key;
}
-static int verify_table(const uint8_t *signature, const char *table,
- uint32_t table_length)
+static int verify_table(char *signature, char *table, int table_length)
{
RSAPublicKey *key;
uint8_t hash_buf[SHA256_DIGEST_SIZE];
@@ -129,17 +121,17 @@
// Now get the public key from the keyfile
key = load_key(VERITY_TABLE_RSA_KEY);
if (!key) {
- ERROR("Couldn't load verity keys\n");
+ ERROR("Couldn't load verity keys");
goto out;
}
// verify the result
if (!RSA_verify(key,
- signature,
+ (uint8_t*) signature,
RSANUMBYTES,
(uint8_t*) hash_buf,
SHA256_DIGEST_SIZE)) {
- ERROR("Couldn't verify table\n");
+ ERROR("Couldn't verify table.");
goto out;
}
@@ -150,11 +142,11 @@
return retval;
}
-static int invalidate_table(char *table, size_t table_length)
+static int invalidate_table(char *table, int table_length)
{
- size_t n = 0;
- size_t idx = 0;
- size_t cleared = 0;
+ int n = 0;
+ int idx = 0;
+ int cleared = 0;
while (n < table_length) {
if (table[n++] == ' ') {
@@ -177,6 +169,177 @@
return -1;
}
+static int squashfs_get_target_device_size(char *blk_device, uint64_t *device_size)
+{
+ struct squashfs_info sq_info;
+
+ if (squashfs_parse_sb(blk_device, &sq_info) >= 0) {
+ *device_size = sq_info.bytes_used_4K_padded;
+ return 0;
+ } else {
+ return -1;
+ }
+}
+
+static int ext4_get_target_device_size(char *blk_device, uint64_t *device_size)
+{
+ int data_device;
+ struct ext4_super_block sb;
+ struct fs_info info;
+
+ info.len = 0; /* Only len is set to 0 to ask the device for real size. */
+
+ data_device = TEMP_FAILURE_RETRY(open(blk_device, O_RDONLY | O_CLOEXEC));
+ if (data_device == -1) {
+ ERROR("Error opening block device (%s)", strerror(errno));
+ return -1;
+ }
+
+ if (TEMP_FAILURE_RETRY(lseek64(data_device, 1024, SEEK_SET)) < 0) {
+ ERROR("Error seeking to superblock");
+ close(data_device);
+ return -1;
+ }
+
+ if (!android::base::ReadFully(data_device, &sb, sizeof(sb))) {
+ ERROR("Error reading superblock");
+ close(data_device);
+ return -1;
+ }
+
+ ext4_parse_sb(&sb, &info);
+ *device_size = info.len;
+
+ close(data_device);
+ return 0;
+}
+
+static int get_fs_size(char *fs_type, char *blk_device, uint64_t *device_size) {
+ if (!strcmp(fs_type, "ext4")) {
+ if (ext4_get_target_device_size(blk_device, device_size) < 0) {
+ ERROR("Failed to get ext4 fs size on %s.", blk_device);
+ return -1;
+ }
+ } else if (!strcmp(fs_type, "squashfs")) {
+ if (squashfs_get_target_device_size(blk_device, device_size) < 0) {
+ ERROR("Failed to get squashfs fs size on %s.", blk_device);
+ return -1;
+ }
+ } else {
+ ERROR("%s: Unsupported filesystem for verity.", fs_type);
+ return -1;
+ }
+ return 0;
+}
+
+static int read_verity_metadata(uint64_t device_size, char *block_device, char **signature,
+ char **table)
+{
+ unsigned magic_number;
+ unsigned table_length;
+ int protocol_version;
+ int device;
+ int retval = FS_MGR_SETUP_VERITY_FAIL;
+
+ *signature = NULL;
+
+ if (table) {
+ *table = NULL;
+ }
+
+ device = TEMP_FAILURE_RETRY(open(block_device, O_RDONLY | O_CLOEXEC));
+ if (device == -1) {
+ ERROR("Could not open block device %s (%s).\n", block_device, strerror(errno));
+ goto out;
+ }
+
+ if (TEMP_FAILURE_RETRY(lseek64(device, device_size, SEEK_SET)) < 0) {
+ ERROR("Could not seek to start of verity metadata block.\n");
+ goto out;
+ }
+ // check the magic number
+ if (!android::base::ReadFully(device, &magic_number, sizeof(magic_number))) {
+ ERROR("Couldn't read magic number!\n");
+ goto out;
+ }
+
+#ifdef ALLOW_ADBD_DISABLE_VERITY
+ if (magic_number == VERITY_METADATA_MAGIC_DISABLE) {
+ retval = FS_MGR_SETUP_VERITY_DISABLED;
+ INFO("Attempt to cleanly disable verity - only works in USERDEBUG");
+ goto out;
+ }
+#endif
+
+ if (magic_number != VERITY_METADATA_MAGIC_NUMBER) {
+ ERROR("Couldn't find verity metadata at offset %" PRIu64 "!\n", device_size);
+ goto out;
+ }
+
+ // check the protocol version
+ if (!android::base::ReadFully(device, &protocol_version,
+ sizeof(protocol_version))) {
+ ERROR("Couldn't read verity metadata protocol version!\n");
+ goto out;
+ }
+ if (protocol_version != 0) {
+ ERROR("Got unknown verity metadata protocol version %d!\n", protocol_version);
+ goto out;
+ }
+
+ // get the signature
+ *signature = (char*) malloc(RSANUMBYTES);
+ if (!*signature) {
+ ERROR("Couldn't allocate memory for signature!\n");
+ goto out;
+ }
+ if (!android::base::ReadFully(device, *signature, RSANUMBYTES)) {
+ ERROR("Couldn't read signature from verity metadata!\n");
+ goto out;
+ }
+
+ if (!table) {
+ retval = FS_MGR_SETUP_VERITY_SUCCESS;
+ goto out;
+ }
+
+ // get the size of the table
+ if (!android::base::ReadFully(device, &table_length, sizeof(table_length))) {
+ ERROR("Couldn't get the size of the verity table from metadata!\n");
+ goto out;
+ }
+
+ // get the table + null terminator
+ *table = static_cast<char*>(malloc(table_length + 1));
+ if (!*table) {
+ ERROR("Couldn't allocate memory for verity table!\n");
+ goto out;
+ }
+ if (!android::base::ReadFully(device, *table, table_length)) {
+ ERROR("Couldn't read the verity table from metadata!\n");
+ goto out;
+ }
+
+ (*table)[table_length] = 0;
+ retval = FS_MGR_SETUP_VERITY_SUCCESS;
+
+out:
+ if (device != -1)
+ close(device);
+
+ if (retval != FS_MGR_SETUP_VERITY_SUCCESS) {
+ free(*signature);
+ *signature = NULL;
+
+ if (table) {
+ free(*table);
+ *table = NULL;
+ }
+ }
+
+ return retval;
+}
+
static void verity_ioctl_init(struct dm_ioctl *io, char *name, unsigned flags)
{
memset(io, 0, DM_BUF_SIZE);
@@ -216,76 +379,8 @@
return 0;
}
-struct verity_table_params {
- const char *table;
- int mode;
- struct fec_ecc_metadata ecc;
- const char *ecc_dev;
-};
-
-typedef bool (*format_verity_table_func)(char *buf, const size_t bufsize,
- const struct verity_table_params *params);
-
-static bool format_verity_table(char *buf, const size_t bufsize,
- const struct verity_table_params *params)
-{
- const char *mode_flag = NULL;
- int res = -1;
-
- if (params->mode == VERITY_MODE_RESTART) {
- mode_flag = VERITY_TABLE_OPT_RESTART;
- } else if (params->mode == VERITY_MODE_LOGGING) {
- mode_flag = VERITY_TABLE_OPT_LOGGING;
- }
-
- if (params->ecc.valid) {
- if (mode_flag) {
- res = snprintf(buf, bufsize,
- "%s %u %s " VERITY_TABLE_OPT_FEC_FORMAT,
- params->table, 1 + VERITY_TABLE_OPT_FEC_ARGS, mode_flag, params->ecc_dev,
- params->ecc.start / FEC_BLOCKSIZE, params->ecc.blocks, params->ecc.roots);
- } else {
- res = snprintf(buf, bufsize,
- "%s %u " VERITY_TABLE_OPT_FEC_FORMAT,
- params->table, VERITY_TABLE_OPT_FEC_ARGS, params->ecc_dev,
- params->ecc.start / FEC_BLOCKSIZE, params->ecc.blocks, params->ecc.roots);
- }
- } else if (mode_flag) {
- res = snprintf(buf, bufsize, "%s 2 " VERITY_TABLE_OPT_IGNZERO " %s", params->table,
- mode_flag);
- } else {
- res = strlcpy(buf, params->table, bufsize);
- }
-
- if (res < 0 || (size_t)res >= bufsize) {
- ERROR("Error building verity table; insufficient buffer size?\n");
- return false;
- }
-
- return true;
-}
-
-static bool format_legacy_verity_table(char *buf, const size_t bufsize,
- const struct verity_table_params *params)
-{
- int res;
-
- if (params->mode == VERITY_MODE_EIO) {
- res = strlcpy(buf, params->table, bufsize);
- } else {
- res = snprintf(buf, bufsize, "%s %d", params->table, params->mode);
- }
-
- if (res < 0 || (size_t)res >= bufsize) {
- ERROR("Error building verity table; insufficient buffer size?\n");
- return false;
- }
-
- return true;
-}
-
-static int load_verity_table(struct dm_ioctl *io, char *name, uint64_t device_size, int fd,
- const struct verity_table_params *params, format_verity_table_func format)
+static int load_verity_table(struct dm_ioctl *io, char *name, uint64_t device_size, int fd, char *table,
+ int mode)
{
char *verity_params;
char *buffer = (char*) io;
@@ -295,32 +390,35 @@
struct dm_target_spec *tgt = (struct dm_target_spec *) &buffer[sizeof(struct dm_ioctl)];
- // set tgt arguments
+ // set tgt arguments here
io->target_count = 1;
- tgt->status = 0;
- tgt->sector_start = 0;
- tgt->length = device_size / 512;
+ tgt->status=0;
+ tgt->sector_start=0;
+ tgt->length=device_size/512;
strcpy(tgt->target_type, "verity");
- // build the verity params
+ // build the verity params here
verity_params = buffer + sizeof(struct dm_ioctl) + sizeof(struct dm_target_spec);
bufsize = DM_BUF_SIZE - (verity_params - buffer);
- if (!format(verity_params, bufsize, params)) {
- ERROR("Failed to format verity parameters\n");
+ if (mode == VERITY_MODE_EIO) {
+ // allow operation with older dm-verity drivers that are unaware
+ // of the mode parameter by omitting it; this also means that we
+ // cannot use logging mode with these drivers, they always cause
+ // an I/O error for corrupted blocks
+ strcpy(verity_params, table);
+ } else if (snprintf(verity_params, bufsize, "%s %d", table, mode) < 0) {
return -1;
}
- INFO("loading verity table: '%s'", verity_params);
-
// set next target boundary
verity_params += strlen(verity_params) + 1;
- verity_params = (char*)(((unsigned long)verity_params + 7) & ~8);
+ verity_params = (char*) (((unsigned long)verity_params + 7) & ~8);
tgt->next = verity_params - buffer;
// send the ioctl to load the verity table
if (ioctl(fd, DM_TABLE_LOAD, io)) {
- ERROR("Error loading verity table (%s)\n", strerror(errno));
+ ERROR("Error loading verity table (%s)", strerror(errno));
return -1;
}
@@ -605,31 +703,28 @@
static int compare_last_signature(struct fstab_rec *fstab, int *match)
{
char tag[METADATA_TAG_MAX_LENGTH + 1];
+ char *signature = NULL;
int fd = -1;
int rc = -1;
- off64_t offset = 0;
- struct fec_handle *f = NULL;
- struct fec_verity_metadata verity;
uint8_t curr[SHA256_DIGEST_SIZE];
uint8_t prev[SHA256_DIGEST_SIZE];
+ off64_t offset = 0;
+ uint64_t device_size;
*match = 1;
- if (fec_open(&f, fstab->blk_device, O_RDONLY, FEC_VERITY_DISABLE,
- FEC_DEFAULT_ROOTS) == -1) {
- ERROR("Failed to open '%s' (%s)\n", fstab->blk_device,
- strerror(errno));
- return rc;
- }
-
- // read verity metadata
- if (fec_verity_get_metadata(f, &verity) == -1) {
- ERROR("Failed to get verity metadata '%s' (%s)\n", fstab->blk_device,
- strerror(errno));
+ // get verity filesystem size
+ if (get_fs_size(fstab->fs_type, fstab->blk_device, &device_size) < 0) {
+ ERROR("Failed to get filesystem size\n");
goto out;
}
- SHA256_hash(verity.signature, RSANUMBYTES, curr);
+ if (read_verity_metadata(device_size, fstab->blk_device, &signature, NULL) < 0) {
+ ERROR("Failed to read verity signature from %s\n", fstab->mount_point);
+ goto out;
+ }
+
+ SHA256_hash(signature, RSANUMBYTES, curr);
if (snprintf(tag, sizeof(tag), VERITY_LASTSIG_TAG "_%s",
basename(fstab->mount_point)) >= (int)sizeof(tag)) {
@@ -671,7 +766,12 @@
rc = 0;
out:
- fec_close(f);
+ free(signature);
+
+ if (fd != -1) {
+ close(fd);
+ }
+
return rc;
}
@@ -784,7 +884,6 @@
{
alignas(dm_ioctl) char buffer[DM_BUF_SIZE];
bool use_state = true;
- bool use_state_for_device = true;
char fstab_filename[PROPERTY_VALUE_MAX + sizeof(FSTAB_PREFIX)];
char *mount_point;
char propbuf[PROPERTY_VALUE_MAX];
@@ -829,12 +928,10 @@
continue;
}
- use_state_for_device = use_state;
-
if (use_state) {
if (get_verity_state_offset(&fstab->recs[i], &offset) < 0 ||
read_verity_state(fstab->recs[i].verity_loc, offset, &mode) < 0) {
- use_state_for_device = false;
+ continue;
}
}
@@ -849,7 +946,7 @@
status = &buffer[io->data_start + sizeof(struct dm_target_spec)];
- if (use_state_for_device && *status == 'C') {
+ if (use_state && *status == 'C') {
if (write_verity_state(fstab->recs[i].verity_loc, offset,
VERITY_MODE_LOGGING) < 0) {
continue;
@@ -875,105 +972,87 @@
return rc;
}
-int fs_mgr_setup_verity(struct fstab_rec *fstab)
-{
+int fs_mgr_setup_verity(struct fstab_rec *fstab) {
+
int retval = FS_MGR_SETUP_VERITY_FAIL;
int fd = -1;
- char *invalid_table = NULL;
- char *verity_blk_name = NULL;
- struct fec_handle *f = NULL;
- struct fec_verity_metadata verity;
- struct verity_table_params params;
+ int mode;
+
+ char *verity_blk_name = 0;
+ char *verity_table = 0;
+ char *verity_table_signature = 0;
+ int verity_table_length = 0;
+ uint64_t device_size = 0;
alignas(dm_ioctl) char buffer[DM_BUF_SIZE];
struct dm_ioctl *io = (struct dm_ioctl *) buffer;
char *mount_point = basename(fstab->mount_point);
- if (fec_open(&f, fstab->blk_device, O_RDONLY, FEC_VERITY_DISABLE,
- FEC_DEFAULT_ROOTS) < 0) {
- ERROR("Failed to open '%s' (%s)\n", fstab->blk_device,
- strerror(errno));
+ // get verity filesystem size
+ if (get_fs_size(fstab->fs_type, fstab->blk_device, &device_size) < 0) {
return retval;
}
- // read verity metadata
- if (fec_verity_get_metadata(f, &verity) < 0) {
- ERROR("Failed to get verity metadata '%s' (%s)\n", fstab->blk_device,
- strerror(errno));
+ // read the verity block at the end of the block device
+ // send error code up the chain so we can detect attempts to disable verity
+ retval = read_verity_metadata(device_size,
+ fstab->blk_device,
+ &verity_table_signature,
+ &verity_table);
+ if (retval < 0) {
goto out;
}
-#ifdef ALLOW_ADBD_DISABLE_VERITY
- if (verity.disabled) {
- retval = FS_MGR_SETUP_VERITY_DISABLED;
- INFO("Attempt to cleanly disable verity - only works in USERDEBUG\n");
- goto out;
- }
-#endif
-
- // read ecc metadata
- if (fec_ecc_get_metadata(f, ¶ms.ecc) < 0) {
- params.ecc.valid = false;
- }
-
- params.ecc_dev = fstab->blk_device;
+ retval = FS_MGR_SETUP_VERITY_FAIL;
+ verity_table_length = strlen(verity_table);
// get the device mapper fd
if ((fd = open("/dev/device-mapper", O_RDWR)) < 0) {
- ERROR("Error opening device mapper (%s)\n", strerror(errno));
+ ERROR("Error opening device mapper (%s)", strerror(errno));
goto out;
}
// create the device
if (create_verity_device(io, mount_point, fd) < 0) {
- ERROR("Couldn't create verity device!\n");
+ ERROR("Couldn't create verity device!");
goto out;
}
// get the name of the device file
if (get_verity_device_name(io, mount_point, fd, &verity_blk_name) < 0) {
- ERROR("Couldn't get verity device number!\n");
+ ERROR("Couldn't get verity device number!");
goto out;
}
- if (load_verity_state(fstab, ¶ms.mode) < 0) {
+ if (load_verity_state(fstab, &mode) < 0) {
/* if accessing or updating the state failed, switch to the default
* safe mode. This makes sure the device won't end up in an endless
* restart loop, and no corrupted data will be exposed to userspace
* without a warning. */
- params.mode = VERITY_MODE_EIO;
+ mode = VERITY_MODE_EIO;
}
// verify the signature on the table
- if (verify_table(verity.signature, verity.table,
- verity.table_length) < 0) {
- if (params.mode == VERITY_MODE_LOGGING) {
+ if (verify_table(verity_table_signature,
+ verity_table,
+ verity_table_length) < 0) {
+ if (mode == VERITY_MODE_LOGGING) {
// the user has been warned, allow mounting without dm-verity
retval = FS_MGR_SETUP_VERITY_SUCCESS;
goto out;
}
// invalidate root hash and salt to trigger device-specific recovery
- invalid_table = strdup(verity.table);
-
- if (!invalid_table ||
- invalidate_table(invalid_table, verity.table_length) < 0) {
+ if (invalidate_table(verity_table, verity_table_length) < 0) {
goto out;
}
-
- params.table = invalid_table;
- } else {
- params.table = verity.table;
}
- INFO("Enabling dm-verity for %s (mode %d)\n", mount_point, params.mode);
+ INFO("Enabling dm-verity for %s (mode %d)\n", mount_point, mode);
// load the verity mapping table
- if (load_verity_table(io, mount_point, verity.data_size, fd, ¶ms,
- format_verity_table) < 0 &&
- // try the legacy format for backwards compatibility
- load_verity_table(io, mount_point, verity.data_size, fd, ¶ms,
- format_legacy_verity_table) < 0) {
+ if (load_verity_table(io, mount_point, device_size, fd, verity_table,
+ mode) < 0) {
goto out;
}
@@ -1002,8 +1081,8 @@
close(fd);
}
- fec_close(f);
- free(invalid_table);
+ free(verity_table);
+ free(verity_table_signature);
free(verity_blk_name);
return retval;
diff --git a/init/Android.mk b/init/Android.mk
index 8e45a7a..c1cdc1a 100644
--- a/init/Android.mk
+++ b/init/Android.mk
@@ -84,8 +84,6 @@
LOCAL_STATIC_LIBRARIES := \
libinit \
libfs_mgr \
- libfec \
- libfec_rs \
libsquashfs_utils \
liblogwrap \
libcutils \
@@ -96,7 +94,6 @@
libc \
libselinux \
libmincrypt \
- libcrypto_static \
libc++_static \
libdl \
libsparse_static \