1The Recovery Image
4Quick turn-around testing
7 mm -j && m ramdisk-nodeps && m recoveryimage-nodeps
9 # To boot into the new recovery image
10 # without flashing the recovery partition:
11 adb reboot bootloader
12 fastboot boot $ANDROID_PRODUCT_OUT/recovery.img
14Running the tests
16 # After setting up environment and lunch.
17 mmma -j bootable/recovery
19 # Running the tests on device.
20 adb root
21 adb sync data
23 # 32-bit device
24 adb shell /data/nativetest/recovery_unit_test/recovery_unit_test
25 adb shell /data/nativetest/recovery_component_test/recovery_component_test
27 # Or 64-bit device
28 adb shell /data/nativetest64/recovery_unit_test/recovery_unit_test
29 adb shell /data/nativetest64/recovery_component_test/recovery_component_test
31Running the manual tests
34`recovery-refresh` and `recovery-persist` executables exist only on systems without
35/cache partition. And we need to follow special steps to run tests for them.
37- Execute the test on an A/B device first. The test should fail but it will log
38 some contents to pmsg.
40- Reboot the device immediately and run the test again. The test should save the
41 contents of pmsg buffer into /data/misc/recovery/inject.txt. Test will pass if
42 this file has expected contents.
44Using `adb` under recovery
47When running recovery image from debuggable builds (i.e. `-eng` or `-userdebug` build variants, or
48`ro.debuggable=1` in `/prop.default`), `adbd` service is enabled and started by default, which
49allows `adb` communication. A device should be listed under `adb devices`, either in `recovery` or
52 $ adb devices
53 List of devices attached
54 1234567890abcdef recovery
56Although `/system/bin/adbd` is built from the same code base as the one in the normal boot, only a
57subset of `adb` commands are meaningful under recovery, such as `adb root`, `adb shell`, `adb push`,
58`adb pull` etc. Since Android Q, `adb shell` no longer requires manually mounting `/system` from
63### `adb devices` doesn't show the device.
65 $ adb devices
66 List of devices attached
68 * Ensure `adbd` is built and running.
70By default, `adbd` is always included into recovery image, as `/system/bin/adbd`. `init` starts
71`adbd` service automatically only in debuggable builds. This behavior is controlled by the recovery
72specific `/init.rc`, whose source code is at `bootable/recovery/etc/init.rc`.
74The best way to confirm a running `adbd` is by checking the serial output, which shows a service
75start log as below.
77 [ 18.961986] c1 1 init: starting service 'adbd'...
79 * Ensure USB gadget has been enabled.
81If `adbd` service has been started but device not shown under `adb devices`, use `lsusb(8)` (on
82host) to check if the device is visible to the host.
84`bootable/recovery/etc/init.rc` disables Android USB gadget (via sysfs) as part of the `fs` action
85trigger, and will only re-enable it in debuggable builds (the `on property` rule will always run
86_after_ `on fs`).
88 on fs
89 write /sys/class/android_usb/android0/enable 0
91 # Always start adbd on userdebug and eng builds
92 on property:ro.debuggable=1
93 write /sys/class/android_usb/android0/enable 1
94 start adbd
96If device is using [configfs](https://www.kernel.org/doc/Documentation/usb/gadget_configfs.txt),
97check if configfs has been properly set up in init rc scripts. See the [example
99for Pixel 2 devices. Note that the flag set via sysfs (i.e. the one above) is no-op when using
102### `adb devices` shows the device, but in `unauthorized` state.
104 $ adb devices
105 List of devices attached
106 1234567890abcdef unauthorized
108recovery image doesn't honor the USB debugging toggle and the authorizations added under normal boot
109(because such authorization data stays in /data, which recovery doesn't mount), nor does it support
110authorizing a host device under recovery. We can use one of the following options instead.
112 * **Option 1 (Recommended):** Authorize a host device with adb vendor keys.
114For debuggable builds, an RSA keypair can be used to authorize a host device that has the private
115key. The public key, defined via `PRODUCT_ADB_KEYS`, will be copied to `/adb_keys`. When starting
116the host-side `adbd`, make sure the filename (or the directory) of the matching private key has been
117added to `$ADB_VENDOR_KEYS`.
119 $ export ADB_VENDOR_KEYS=/path/to/adb/private/key
120 $ adb kill-server
121 $ adb devices
123`-user` builds filter out `PRODUCT_ADB_KEYS`, so no `/adb_keys` will be included there.
125Note that this mechanism applies to both of normal boot and recovery modes.
127 * **Option 2:** Allow `adbd` to connect without authentication.
128 * `adbd` is compiled with `ALLOW_ADBD_NO_AUTH` (only on debuggable builds).
129 * `ro.adb.secure` has a value of `0`.
131Both of the two conditions need to be satisfied. Although `ro.adb.secure` is a runtime property, its
132value is set at build time (written into `/prop.default`). It defaults to `1` on `-user` builds, and
133`0` for other build variants. The value is overridable via `PRODUCT_DEFAULT_PROPERTY_OVERRIDES`.