summaryrefslogtreecommitdiffstats
path: root/update_verifier/update_verifier.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'update_verifier/update_verifier.cpp')
-rw-r--r--update_verifier/update_verifier.cpp153
1 files changed, 93 insertions, 60 deletions
diff --git a/update_verifier/update_verifier.cpp b/update_verifier/update_verifier.cpp
index 48242a5d0..faebbede0 100644
--- a/update_verifier/update_verifier.cpp
+++ b/update_verifier/update_verifier.cpp
@@ -45,6 +45,7 @@
#include <unistd.h>
#include <algorithm>
+#include <future>
#include <string>
#include <vector>
@@ -123,11 +124,6 @@ static bool read_blocks(const std::string& partition, const std::string& range_s
LOG(ERROR) << "Failed to find dm block device for " << partition;
return false;
}
- android::base::unique_fd fd(TEMP_FAILURE_RETRY(open(dm_block_device.c_str(), O_RDONLY)));
- if (fd.get() == -1) {
- PLOG(ERROR) << "Error reading " << dm_block_device << " for partition " << partition;
- return false;
- }
// For block range string, first integer 'count' equals 2 * total number of valid ranges,
// followed by 'count' number comma separated integers. Every two integers reprensent a
@@ -142,73 +138,110 @@ static bool read_blocks(const std::string& partition, const std::string& range_s
return false;
}
- size_t blk_count = 0;
- for (size_t i = 1; i < ranges.size(); i += 2) {
- unsigned int range_start, range_end;
- bool parse_status = android::base::ParseUint(ranges[i], &range_start);
- parse_status = parse_status && android::base::ParseUint(ranges[i + 1], &range_end);
- if (!parse_status || range_start >= range_end) {
- LOG(ERROR) << "Invalid range pair " << ranges[i] << ", " << ranges[i + 1];
- return false;
- }
-
- static constexpr size_t BLOCKSIZE = 4096;
- if (lseek64(fd.get(), static_cast<off64_t>(range_start) * BLOCKSIZE, SEEK_SET) == -1) {
- PLOG(ERROR) << "lseek to " << range_start << " failed";
- return false;
- }
+ std::vector<std::future<bool>> threads;
+ size_t thread_num = std::thread::hardware_concurrency() ?: 4;
+ thread_num = std::min(thread_num, range_count / 2);
+ size_t group_range_count = range_count / thread_num;
- size_t remain = (range_end - range_start) * BLOCKSIZE;
- while (remain > 0) {
- size_t to_read = std::min(remain, 1024 * BLOCKSIZE);
- std::vector<uint8_t> buf(to_read);
- if (!android::base::ReadFully(fd.get(), buf.data(), to_read)) {
- PLOG(ERROR) << "Failed to read blocks " << range_start << " to " << range_end;
+ for (size_t t = 0; t < thread_num; t++) {
+ auto thread_func = [t, group_range_count, &dm_block_device, &ranges, &partition]() {
+ size_t blk_count = 0;
+ static constexpr size_t kBlockSize = 4096;
+ std::vector<uint8_t> buf(1024 * kBlockSize);
+ android::base::unique_fd fd(TEMP_FAILURE_RETRY(open(dm_block_device.c_str(), O_RDONLY)));
+ if (fd.get() == -1) {
+ PLOG(ERROR) << "Error reading " << dm_block_device << " for partition " << partition;
return false;
}
- remain -= to_read;
- }
- blk_count += (range_end - range_start);
+
+ for (size_t i = 1 + group_range_count * t; i < group_range_count * (t + 1) + 1; i += 2) {
+ unsigned int range_start, range_end;
+ bool parse_status = android::base::ParseUint(ranges[i], &range_start);
+ parse_status = parse_status && android::base::ParseUint(ranges[i + 1], &range_end);
+ if (!parse_status || range_start >= range_end) {
+ LOG(ERROR) << "Invalid range pair " << ranges[i] << ", " << ranges[i + 1];
+ return false;
+ }
+
+ if (lseek64(fd.get(), static_cast<off64_t>(range_start) * kBlockSize, SEEK_SET) == -1) {
+ PLOG(ERROR) << "lseek to " << range_start << " failed";
+ return false;
+ }
+
+ size_t remain = (range_end - range_start) * kBlockSize;
+ while (remain > 0) {
+ size_t to_read = std::min(remain, 1024 * kBlockSize);
+ if (!android::base::ReadFully(fd.get(), buf.data(), to_read)) {
+ PLOG(ERROR) << "Failed to read blocks " << range_start << " to " << range_end;
+ return false;
+ }
+ remain -= to_read;
+ }
+ blk_count += (range_end - range_start);
+ }
+ LOG(INFO) << "Finished reading " << blk_count << " blocks on " << dm_block_device;
+ return true;
+ };
+
+ threads.emplace_back(std::async(std::launch::async, thread_func));
}
- LOG(INFO) << "Finished reading " << blk_count << " blocks on " << dm_block_device;
- return true;
+ bool ret = true;
+ for (auto& t : threads) {
+ ret = t.get() && ret;
+ }
+ LOG(INFO) << "Finished reading blocks on " << dm_block_device << " with " << thread_num
+ << " threads.";
+ return ret;
}
+// Returns true to indicate a passing verification (or the error should be ignored); Otherwise
+// returns false on fatal errors, where we should reject the current boot and trigger a fallback.
+// Note that update_verifier should be backward compatible to not reject care_map.txt from old
+// releases, which could otherwise fail to boot into the new release. For example, we've changed
+// the care_map format between N and O. An O update_verifier would fail to work with N
+// care_map.txt. This could be a result of sideloading an O OTA while the device having a pending N
+// update.
bool verify_image(const std::string& care_map_name) {
- android::base::unique_fd care_map_fd(TEMP_FAILURE_RETRY(open(care_map_name.c_str(), O_RDONLY)));
- // If the device is flashed before the current boot, it may not have care_map.txt
- // in /data/ota_package. To allow the device to continue booting in this situation,
- // we should print a warning and skip the block verification.
- if (care_map_fd.get() == -1) {
- PLOG(WARNING) << "Failed to open " << care_map_name;
- return true;
- }
- // Care map file has four lines (two lines if vendor partition is not present):
- // First line has the block partition name (system/vendor).
- // Second line holds all ranges of blocks to verify.
- // The next two lines have the same format but for vendor partition.
- std::string file_content;
- if (!android::base::ReadFdToString(care_map_fd.get(), &file_content)) {
- LOG(ERROR) << "Error reading care map contents to string.";
- return false;
- }
+ android::base::unique_fd care_map_fd(TEMP_FAILURE_RETRY(open(care_map_name.c_str(), O_RDONLY)));
+ // If the device is flashed before the current boot, it may not have care_map.txt
+ // in /data/ota_package. To allow the device to continue booting in this situation,
+ // we should print a warning and skip the block verification.
+ if (care_map_fd.get() == -1) {
+ PLOG(WARNING) << "Failed to open " << care_map_name;
+ return true;
+ }
+ // Care map file has four lines (two lines if vendor partition is not present):
+ // First line has the block partition name (system/vendor).
+ // Second line holds all ranges of blocks to verify.
+ // The next two lines have the same format but for vendor partition.
+ std::string file_content;
+ if (!android::base::ReadFdToString(care_map_fd.get(), &file_content)) {
+ LOG(ERROR) << "Error reading care map contents to string.";
+ return false;
+ }
- std::vector<std::string> lines;
- lines = android::base::Split(android::base::Trim(file_content), "\n");
- if (lines.size() != 2 && lines.size() != 4) {
- LOG(ERROR) << "Invalid lines in care_map: found " << lines.size()
- << " lines, expecting 2 or 4 lines.";
- return false;
- }
+ std::vector<std::string> lines;
+ lines = android::base::Split(android::base::Trim(file_content), "\n");
+ if (lines.size() != 2 && lines.size() != 4) {
+ LOG(ERROR) << "Invalid lines in care_map: found " << lines.size()
+ << " lines, expecting 2 or 4 lines.";
+ return false;
+ }
- for (size_t i = 0; i < lines.size(); i += 2) {
- if (!read_blocks(lines[i], lines[i+1])) {
- return false;
- }
+ for (size_t i = 0; i < lines.size(); i += 2) {
+ // We're seeing an N care_map.txt. Skip the verification since it's not compatible with O
+ // update_verifier (the last few metadata blocks can't be read via device mapper).
+ if (android::base::StartsWith(lines[i], "/dev/block/")) {
+ LOG(WARNING) << "Found legacy care_map.txt; skipped.";
+ return true;
}
+ if (!read_blocks(lines[i], lines[i+1])) {
+ return false;
+ }
+ }
- return true;
+ return true;
}
static int reboot_device() {
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-26 06:34:09 +0200