From 7bad7c4646ee8fd8d6e6ed0ffd3ddbb0c1b41a2f Mon Sep 17 00:00:00 2001 From: Elliott Hughes Date: Tue, 28 Apr 2015 17:24:24 -0700 Subject: Check all lseek calls succeed. Also add missing TEMP_FAILURE_RETRYs on read, write, and lseek. Bug: http://b/20625546 Change-Id: I03b198e11c1921b35518ee2dd005a7cfcf4fd94b --- updater/blockimg.c | 48 ++++++++++++++++++++---------------------------- 1 file changed, 20 insertions(+), 28 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.c b/updater/blockimg.c index d5344f991..532e7b845 100644 --- a/updater/blockimg.c +++ b/updater/blockimg.c @@ -113,13 +113,12 @@ static int range_overlaps(RangeSet* r1, RangeSet* r2) { static int read_all(int fd, uint8_t* data, size_t size) { size_t so_far = 0; while (so_far < size) { - ssize_t r = read(fd, data+so_far, size-so_far); - if (r < 0 && errno != EINTR) { + ssize_t r = TEMP_FAILURE_RETRY(read(fd, data+so_far, size-so_far)); + if (r == -1) { fprintf(stderr, "read failed: %s\n", strerror(errno)); return -1; - } else { - so_far += r; } + so_far += r; } return 0; } @@ -127,13 +126,12 @@ static int read_all(int fd, uint8_t* data, size_t size) { static int write_all(int fd, const uint8_t* data, size_t size) { size_t written = 0; while (written < size) { - ssize_t w = write(fd, data+written, size-written); - if (w < 0 && errno != EINTR) { + ssize_t w = TEMP_FAILURE_RETRY(write(fd, data+written, size-written)); + if (w == -1) { fprintf(stderr, "write failed: %s\n", strerror(errno)); return -1; - } else { - written += w; } + written += w; } if (fsync(fd) == -1) { @@ -144,19 +142,13 @@ static int write_all(int fd, const uint8_t* data, size_t size) { return 0; } -static int check_lseek(int fd, off64_t offset, int whence) { - while (true) { - off64_t ret = lseek64(fd, offset, whence); - if (ret < 0) { - if (errno != EINTR) { - fprintf(stderr, "lseek64 failed: %s\n", strerror(errno)); - return -1; - } - } else { - break; - } +static bool check_lseek(int fd, off64_t offset, int whence) { + off64_t rc = TEMP_FAILURE_RETRY(lseek64(fd, offset, whence)); + if (rc == -1) { + fprintf(stderr, "lseek64 failed: %s\n", strerror(errno)); + return false; } - return 0; + return true; } static void allocate(size_t size, uint8_t** buffer, size_t* buffer_alloc) { @@ -213,8 +205,8 @@ static ssize_t RangeSinkWrite(const uint8_t* data, ssize_t size, void* token) { rss->p_remain = (rss->tgt->pos[rss->p_block * 2 + 1] - rss->tgt->pos[rss->p_block * 2]) * BLOCKSIZE; - if (check_lseek(rss->fd, (off64_t)rss->tgt->pos[rss->p_block*2] * BLOCKSIZE, - SEEK_SET) == -1) { + if (!check_lseek(rss->fd, (off64_t)rss->tgt->pos[rss->p_block*2] * BLOCKSIZE, + SEEK_SET)) { break; } } else { @@ -306,7 +298,7 @@ static int ReadBlocks(RangeSet* src, uint8_t* buffer, int fd) { } for (i = 0; i < src->count; ++i) { - if (check_lseek(fd, (off64_t) src->pos[i * 2] * BLOCKSIZE, SEEK_SET) == -1) { + if (!check_lseek(fd, (off64_t) src->pos[i * 2] * BLOCKSIZE, SEEK_SET)) { return -1; } @@ -332,7 +324,7 @@ static int WriteBlocks(RangeSet* tgt, uint8_t* buffer, int fd) { } for (i = 0; i < tgt->count; ++i) { - if (check_lseek(fd, (off64_t) tgt->pos[i * 2] * BLOCKSIZE, SEEK_SET) == -1) { + if (!check_lseek(fd, (off64_t) tgt->pos[i * 2] * BLOCKSIZE, SEEK_SET)) { return -1; } @@ -1217,7 +1209,7 @@ static int PerformCommandZero(CommandParameters* params) { if (params->canwrite) { for (i = 0; i < tgt->count; ++i) { - if (check_lseek(params->fd, (off64_t) tgt->pos[i * 2] * BLOCKSIZE, SEEK_SET) == -1) { + if (!check_lseek(params->fd, (off64_t) tgt->pos[i * 2] * BLOCKSIZE, SEEK_SET)) { goto pczout; } @@ -1271,7 +1263,7 @@ static int PerformCommandNew(CommandParameters* params) { rss.p_block = 0; rss.p_remain = (tgt->pos[1] - tgt->pos[0]) * BLOCKSIZE; - if (check_lseek(params->fd, (off64_t) tgt->pos[0] * BLOCKSIZE, SEEK_SET) == -1) { + if (!check_lseek(params->fd, (off64_t) tgt->pos[0] * BLOCKSIZE, SEEK_SET)) { goto pcnout; } @@ -1367,7 +1359,7 @@ static int PerformCommandDiff(CommandParameters* params) { rss.p_block = 0; rss.p_remain = (tgt->pos[1] - tgt->pos[0]) * BLOCKSIZE; - if (check_lseek(params->fd, (off64_t) tgt->pos[0] * BLOCKSIZE, SEEK_SET) == -1) { + if (!check_lseek(params->fd, (off64_t) tgt->pos[0] * BLOCKSIZE, SEEK_SET)) { goto pcdout; } @@ -1906,7 +1898,7 @@ Value* RangeSha1Fn(const char* name, State* state, int argc, Expr* argv[]) { int i, j; for (i = 0; i < rs->count; ++i) { - if (check_lseek(fd, (off64_t)rs->pos[i*2] * BLOCKSIZE, SEEK_SET) == -1) { + if (!check_lseek(fd, (off64_t)rs->pos[i*2] * BLOCKSIZE, SEEK_SET)) { ErrorAbort(state, "failed to seek %s: %s", blockdev_filename->data, strerror(errno)); goto done; -- cgit v1.2.3 From f2bac04e1ba0a5b79f8adbc35b493923b776f8b2 Mon Sep 17 00:00:00 2001 From: Sami Tolvanen Date: Tue, 12 May 2015 12:48:46 +0100 Subject: Add error and range checks to parse_range Only trusted input is passed to parse_range, but check for invalid input to catch possible problems in transfer lists. Bug: 21033983 Bug: 21034030 Bug: 21034172 Bug: 21034406 Change-Id: Ia17537a2d23d5f701522fbc42ed38924e1ee3366 --- updater/blockimg.c | 81 +++++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 71 insertions(+), 10 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.c b/updater/blockimg.c index 532e7b845..a98cdcccf 100644 --- a/updater/blockimg.c +++ b/updater/blockimg.c @@ -60,30 +60,91 @@ typedef struct { int pos[0]; } RangeSet; +#define RANGESET_MAX_POINTS \ + ((int)((INT_MAX / sizeof(int)) - sizeof(RangeSet))) + static RangeSet* parse_range(char* text) { char* save; - int num; - num = strtol(strtok_r(text, ",", &save), NULL, 0); + char* token; + int i, num; + long int val; + RangeSet* out = NULL; + size_t bufsize; - RangeSet* out = malloc(sizeof(RangeSet) + num * sizeof(int)); - if (out == NULL) { - fprintf(stderr, "failed to allocate range of %zu bytes\n", - sizeof(RangeSet) + num * sizeof(int)); - exit(1); + if (!text) { + goto err; + } + + token = strtok_r(text, ",", &save); + + if (!token) { + goto err; + } + + val = strtol(token, NULL, 0); + + if (val < 2 || val > RANGESET_MAX_POINTS) { + goto err; + } else if (val % 2) { + goto err; // must be even + } + + num = (int) val; + bufsize = sizeof(RangeSet) + num * sizeof(int); + + out = malloc(bufsize); + + if (!out) { + fprintf(stderr, "failed to allocate range of %zu bytes\n", bufsize); + goto err; } + out->count = num / 2; out->size = 0; - int i; + for (i = 0; i < num; ++i) { - out->pos[i] = strtol(strtok_r(NULL, ",", &save), NULL, 0); - if (i%2) { + token = strtok_r(NULL, ",", &save); + + if (!token) { + goto err; + } + + val = strtol(token, NULL, 0); + + if (val < 0 || val > INT_MAX) { + goto err; + } + + out->pos[i] = (int) val; + + if (i % 2) { + if (out->pos[i - 1] >= out->pos[i]) { + goto err; // empty or negative range + } + + if (out->size > INT_MAX - out->pos[i]) { + goto err; // overflow + } + out->size += out->pos[i]; } else { + if (out->size < 0) { + goto err; + } + out->size -= out->pos[i]; } } + if (out->size <= 0) { + goto err; + } + return out; + +err: + fprintf(stderr, "failed to parse range '%s'\n", text ? text : "NULL"); + exit(1); } static int range_overlaps(RangeSet* r1, RangeSet* r2) { -- cgit v1.2.3 From b47afedb42866e85b76822736d915afd371ef5f0 Mon Sep 17 00:00:00 2001 From: Elliott Hughes Date: Fri, 15 May 2015 16:19:20 -0700 Subject: Don't use TEMP_FAILURE_RETRY on close in recovery. Bug: http://b/20501816 Change-Id: I35efcd8dcec7a6492ba70602d380d9980cdda31f --- updater/blockimg.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.c b/updater/blockimg.c index 532e7b845..a0e9aec6a 100644 --- a/updater/blockimg.c +++ b/updater/blockimg.c @@ -694,7 +694,7 @@ static int WriteStash(const char* base, const char* id, int blocks, uint8_t* buf wsout: if (fd != -1) { - TEMP_FAILURE_RETRY(close(fd)); + close(fd); } if (fn) { @@ -1732,7 +1732,7 @@ pbiudone: if (fsync(params.fd) == -1) { fprintf(stderr, "fsync failed: %s\n", strerror(errno)); } - TEMP_FAILURE_RETRY(close(params.fd)); + close(params.fd); } if (logcmd) { -- cgit v1.2.3 From e49a9e527a51f43db792263bb60bfc91293848da Mon Sep 17 00:00:00 2001 From: Dan Albert Date: Tue, 19 May 2015 11:33:18 -0700 Subject: Stop using libstdc++. These are already getting libc++, so it isn't necessary. If any of the other static libraries (such as adb) use new or delete from libc++, there will be symbol collisions. Change-Id: I55e43ec60006d3c2403122fa1174bde06f18e09f --- updater/Android.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'updater') diff --git a/updater/Android.mk b/updater/Android.mk index ff02a33b0..57f43da96 100644 --- a/updater/Android.mk +++ b/updater/Android.mk @@ -32,7 +32,7 @@ endif LOCAL_STATIC_LIBRARIES += $(TARGET_RECOVERY_UPDATER_LIBS) $(TARGET_RECOVERY_UPDATER_EXTRA_LIBS) LOCAL_STATIC_LIBRARIES += libapplypatch libedify libmtdutils libminzip libz LOCAL_STATIC_LIBRARIES += libmincrypt libbz -LOCAL_STATIC_LIBRARIES += libcutils liblog libstdc++ libc +LOCAL_STATIC_LIBRARIES += libcutils liblog libc LOCAL_STATIC_LIBRARIES += libselinux tune2fs_static_libraries := \ libext2_com_err \ -- cgit v1.2.3 From cc2428c8181d18c9a88db908fa4eabd2db5601ad Mon Sep 17 00:00:00 2001 From: Sami Tolvanen Date: Mon, 27 Apr 2015 11:24:29 +0100 Subject: Handle BLKDISCARD failures In the block updater, if BLKDISCARD fails, the error is silently ignored and some of the blocks may not be erased. This means the target partition will have inconsistent contents. If the ioctl fails, return an error and abort the update. Bug: 20614277 Change-Id: I33867ba9337c514de8ffae59f28584b285324067 --- updater/blockimg.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.c b/updater/blockimg.c index ce6360099..42060f547 100644 --- a/updater/blockimg.c +++ b/updater/blockimg.c @@ -1485,7 +1485,6 @@ static int PerformCommandErase(CommandParameters* params) { if (!S_ISBLK(st.st_mode)) { fprintf(stderr, "not a block device; skipping erase\n"); - rc = 0; goto pceout; } @@ -1509,7 +1508,7 @@ static int PerformCommandErase(CommandParameters* params) { if (ioctl(params->fd, BLKDISCARD, &blocks) == -1) { fprintf(stderr, "BLKDISCARD ioctl failed: %s\n", strerror(errno)); - // Continue anyway, nothing we can do + goto pceout; } } } -- cgit v1.2.3 From b3ac676192a093c561b7f15064cbd67733407b12 Mon Sep 17 00:00:00 2001 From: Elliott Hughes Date: Thu, 28 May 2015 23:06:17 -0700 Subject: Really don't use TEMP_FAILURE_RETRY with close in recovery. I missed one last time. Bug: http://b/20501816 Change-Id: I9896ee2704237d61ee169f898680761e946e0a56 --- updater/blockimg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'updater') diff --git a/updater/blockimg.c b/updater/blockimg.c index ce6360099..54f76ffd3 100644 --- a/updater/blockimg.c +++ b/updater/blockimg.c @@ -677,7 +677,7 @@ static int LoadStash(const char* base, const char* id, int verify, int* blocks, lsout: if (fd != -1) { - TEMP_FAILURE_RETRY(close(fd)); + close(fd); } if (fn) { -- cgit v1.2.3 From b6918c7c433054ac4352d5f7746f7c2bf2971083 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Tue, 19 May 2015 17:02:16 -0700 Subject: Log update outputs in order Although stdout and stderr are both redirected to log file with no buffering, we are seeing some outputs are mixed in random order. This is because ui_print commands from the updater are passed to the recovery binary via a pipe, which may interleave with other outputs that go to stderr directly. In recovery, adding ui::PrintOnScreenOnly() function to handle ui_print command, which skips printing to stdout. Meanwhile, updater prints the contents to stderr in addition to piping them to recovery. Change-Id: Idda93ea940d2e23a0276bb8ead4aa70a3cb97700 --- updater/install.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'updater') diff --git a/updater/install.c b/updater/install.c index 01a5dd24b..da6b57782 100644 --- a/updater/install.c +++ b/updater/install.c @@ -61,6 +61,12 @@ void uiPrint(State* state, char* buffer) { line = strtok(NULL, "\n"); } fprintf(ui->cmd_pipe, "ui_print\n"); + + // The recovery will only print the contents to screen for pipe command + // ui_print. We need to dump the contents to stderr (which has been + // redirected to the log file) directly. + fprintf(stderr, buffer); + fprintf(stderr, "\n"); } __attribute__((__format__(printf, 2, 3))) __nonnull((2)) -- cgit v1.2.3 From 1eb9003b773d7957448efab3dc1f977e55a45fb7 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Wed, 3 Jun 2015 09:49:02 -0700 Subject: Fix build: fprintf without modifier Change-Id: I66ae21a25a25fa3c70837bc54a7d406182d4cf37 --- updater/install.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'updater') diff --git a/updater/install.c b/updater/install.c index da6b57782..4a0e064c3 100644 --- a/updater/install.c +++ b/updater/install.c @@ -65,8 +65,7 @@ void uiPrint(State* state, char* buffer) { // The recovery will only print the contents to screen for pipe command // ui_print. We need to dump the contents to stderr (which has been // redirected to the log file) directly. - fprintf(stderr, buffer); - fprintf(stderr, "\n"); + fprintf(stderr, "%s", buffer); } __attribute__((__format__(printf, 2, 3))) __nonnull((2)) -- cgit v1.2.3 From 80e46e08de5f65702fa7f7cd3ef83f905d919bbc Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Wed, 3 Jun 2015 10:49:29 -0700 Subject: recovery: Switch to clang And a few trival fixes to suppress warnings. Change-Id: I38734b5f4434643e85feab25f4807b46a45d8d65 --- updater/Android.mk | 2 ++ 1 file changed, 2 insertions(+) (limited to 'updater') diff --git a/updater/Android.mk b/updater/Android.mk index 57f43da96..a0ea06fa5 100644 --- a/updater/Android.mk +++ b/updater/Android.mk @@ -17,6 +17,8 @@ include $(CLEAR_VARS) # needed only for OTA packages.) LOCAL_MODULE_TAGS := eng +LOCAL_CLANG := true + LOCAL_SRC_FILES := $(updater_src_files) ifeq ($(TARGET_USERIMAGES_USE_EXT4), true) -- cgit v1.2.3 From 96392b97f6bf1670d478494fb6df89a3410e53fa Mon Sep 17 00:00:00 2001 From: Sami Tolvanen Date: Tue, 9 Jun 2015 21:42:30 +0100 Subject: Zero blocks before BLKDISCARD Due to observed BLKDISCARD flakiness, overwrite blocks that we want to discard with zeros first to avoid later issues with dm-verity if BLKDISCARD is not successful. Bug: 20614277 Bug: 20881595 Change-Id: I0280fe115b020dcab35f49041fb55b7f8e793da3 --- updater/blockimg.c | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.c b/updater/blockimg.c index 5d0f1560c..dfba7e420 100644 --- a/updater/blockimg.c +++ b/updater/blockimg.c @@ -39,11 +39,6 @@ #define BLOCKSIZE 4096 -// Set this to 0 to interpret 'erase' transfers to mean do a -// BLKDISCARD ioctl (the normal behavior). Set to 1 to interpret -// erase to mean fill the region with zeroes. -#define DEBUG_ERASE 0 - #ifndef BLKDISCARD #define BLKDISCARD _IO(0x12,119) #endif @@ -1283,8 +1278,7 @@ static int PerformCommandZero(CommandParameters* params) { } if (params->cmdname[0] == 'z') { - // Update only for the zero command, as the erase command will call - // this if DEBUG_ERASE is defined. + // Update only for the zero command, as the erase command will call this params->written += tgt->size; } @@ -1470,8 +1464,10 @@ static int PerformCommandErase(CommandParameters* params) { struct stat st; uint64_t blocks[2]; - if (DEBUG_ERASE) { - return PerformCommandZero(params); + // Always zero the blocks first to work around possibly flaky BLKDISCARD + // Bug: 20881595 + if (PerformCommandZero(params) != 0) { + goto pceout; } if (!params) { -- cgit v1.2.3 From e82fa18d3db21cb770f21b1a4c4b00950120758d Mon Sep 17 00:00:00 2001 From: Sami Tolvanen Date: Wed, 10 Jun 2015 15:58:12 +0000 Subject: Revert "Zero blocks before BLKDISCARD" This reverts commit 96392b97f6bf1670d478494fb6df89a3410e53fa. Change-Id: I77acc27158bad3cd8948390a3955197646a43a31 --- updater/blockimg.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.c b/updater/blockimg.c index dfba7e420..5d0f1560c 100644 --- a/updater/blockimg.c +++ b/updater/blockimg.c @@ -39,6 +39,11 @@ #define BLOCKSIZE 4096 +// Set this to 0 to interpret 'erase' transfers to mean do a +// BLKDISCARD ioctl (the normal behavior). Set to 1 to interpret +// erase to mean fill the region with zeroes. +#define DEBUG_ERASE 0 + #ifndef BLKDISCARD #define BLKDISCARD _IO(0x12,119) #endif @@ -1278,7 +1283,8 @@ static int PerformCommandZero(CommandParameters* params) { } if (params->cmdname[0] == 'z') { - // Update only for the zero command, as the erase command will call this + // Update only for the zero command, as the erase command will call + // this if DEBUG_ERASE is defined. params->written += tgt->size; } @@ -1464,10 +1470,8 @@ static int PerformCommandErase(CommandParameters* params) { struct stat st; uint64_t blocks[2]; - // Always zero the blocks first to work around possibly flaky BLKDISCARD - // Bug: 20881595 - if (PerformCommandZero(params) != 0) { - goto pceout; + if (DEBUG_ERASE) { + return PerformCommandZero(params); } if (!params) { -- cgit v1.2.3 From a3c75e3ea60d61df93461f5c356befe825c429d2 Mon Sep 17 00:00:00 2001 From: Sami Tolvanen Date: Wed, 10 Jun 2015 17:07:05 +0100 Subject: Zero blocks before BLKDISCARD Due to observed BLKDISCARD flakiness, overwrite blocks that we want to discard with zeros first to avoid later issues with dm-verity if BLKDISCARD is not successful. Bug: 20614277 Bug: 20881595 Change-Id: I4f6f2db39db990879ff10468c9db41606497bd6f --- updater/blockimg.c | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) (limited to 'updater') diff --git a/updater/blockimg.c b/updater/blockimg.c index 5d0f1560c..fc35abe4d 100644 --- a/updater/blockimg.c +++ b/updater/blockimg.c @@ -1465,6 +1465,7 @@ pcdout: static int PerformCommandErase(CommandParameters* params) { char* range = NULL; int i; + int j; int rc = -1; RangeSet* tgt = NULL; struct stat st; @@ -1491,7 +1492,7 @@ static int PerformCommandErase(CommandParameters* params) { range = strtok_r(NULL, " ", ¶ms->cpos); if (range == NULL) { - fprintf(stderr, "missing target blocks for zero\n"); + fprintf(stderr, "missing target blocks for erase\n"); goto pceout; } @@ -1500,7 +1501,22 @@ static int PerformCommandErase(CommandParameters* params) { if (params->canwrite) { fprintf(stderr, " erasing %d blocks\n", tgt->size); + allocate(BLOCKSIZE, ¶ms->buffer, ¶ms->bufsize); + memset(params->buffer, 0, BLOCKSIZE); + for (i = 0; i < tgt->count; ++i) { + // Always zero the blocks first to work around possibly flaky BLKDISCARD + // Bug: 20881595 + if (!check_lseek(params->fd, (off64_t) tgt->pos[i * 2] * BLOCKSIZE, SEEK_SET)) { + goto pceout; + } + + for (j = tgt->pos[i * 2]; j < tgt->pos[i * 2 + 1]; ++j) { + if (write_all(params->fd, params->buffer, BLOCKSIZE) == -1) { + goto pceout; + } + } + // offset in bytes blocks[0] = tgt->pos[i * 2] * (uint64_t) BLOCKSIZE; // length in bytes -- cgit v1.2.3 From c0f56ad76680df555689d4a2397487ef8c16b1a6 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Thu, 25 Jun 2015 14:00:31 -0700 Subject: More accurate checking for overlapped ranges. A RangeSet has half-closed half-open bounds. For example, "3,5" contains blocks 3 and 4. So "3,5" and "5,7" are actually not overlapped. Bug: 22098085 Change-Id: I75e54a6506f2a20255d782ee710e889fad2eaf29 --- updater/blockimg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'updater') diff --git a/updater/blockimg.c b/updater/blockimg.c index fc35abe4d..0bd2559f7 100644 --- a/updater/blockimg.c +++ b/updater/blockimg.c @@ -162,7 +162,7 @@ static int range_overlaps(RangeSet* r1, RangeSet* r2) { r2_0 = r2->pos[j * 2]; r2_1 = r2->pos[j * 2 + 1]; - if (!(r2_0 > r1_1 || r1_0 > r2_1)) { + if (!(r2_0 >= r1_1 || r1_0 >= r2_1)) { return 1; } } -- cgit v1.2.3 From 9c67aa2d2b60858d3315c09eb72f1a3ffeabd3f0 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Tue, 30 Jun 2015 23:09:12 -0700 Subject: Revert "Zero blocks before BLKDISCARD" This reverts commit b65f0272c860771f2105668accd175be1ed95ae9. It slows down the update too much on some devices (e.g. increased from 8 mins to 40 mins to take a full OTA update). Bug: 22129621 Change-Id: I016e3b47313e3113f01bb4f8eb3c14856bdc35e5 (cherry picked from commit 7125f9594db027ce4313d940ce2cafac67ae8c31) --- updater/blockimg.c | 18 +----------------- 1 file changed, 1 insertion(+), 17 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.c b/updater/blockimg.c index 0bd2559f7..a6a389507 100644 --- a/updater/blockimg.c +++ b/updater/blockimg.c @@ -1465,7 +1465,6 @@ pcdout: static int PerformCommandErase(CommandParameters* params) { char* range = NULL; int i; - int j; int rc = -1; RangeSet* tgt = NULL; struct stat st; @@ -1492,7 +1491,7 @@ static int PerformCommandErase(CommandParameters* params) { range = strtok_r(NULL, " ", ¶ms->cpos); if (range == NULL) { - fprintf(stderr, "missing target blocks for erase\n"); + fprintf(stderr, "missing target blocks for zero\n"); goto pceout; } @@ -1501,22 +1500,7 @@ static int PerformCommandErase(CommandParameters* params) { if (params->canwrite) { fprintf(stderr, " erasing %d blocks\n", tgt->size); - allocate(BLOCKSIZE, ¶ms->buffer, ¶ms->bufsize); - memset(params->buffer, 0, BLOCKSIZE); - for (i = 0; i < tgt->count; ++i) { - // Always zero the blocks first to work around possibly flaky BLKDISCARD - // Bug: 20881595 - if (!check_lseek(params->fd, (off64_t) tgt->pos[i * 2] * BLOCKSIZE, SEEK_SET)) { - goto pceout; - } - - for (j = tgt->pos[i * 2]; j < tgt->pos[i * 2 + 1]; ++j) { - if (write_all(params->fd, params->buffer, BLOCKSIZE) == -1) { - goto pceout; - } - } - // offset in bytes blocks[0] = tgt->pos[i * 2] * (uint64_t) BLOCKSIZE; // length in bytes -- cgit v1.2.3 From ba9a42aa7e10686de186636fe9fecbf8c4cc7c19 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Tue, 23 Jun 2015 23:23:33 -0700 Subject: recovery: Switch applypatch/ and updater/ to cpp. Mostly trivial changes to make cpp compiler happy. Change-Id: I69bd1d96fcccf506007f6144faf37e11cfba1270 --- updater/Android.mk | 18 +- updater/blockimg.c | 1994 -------------------------------------------------- updater/blockimg.cpp | 1991 +++++++++++++++++++++++++++++++++++++++++++++++++ updater/install.c | 1630 ----------------------------------------- updater/install.cpp | 1622 ++++++++++++++++++++++++++++++++++++++++ updater/updater.c | 169 ----- updater/updater.cpp | 169 +++++ 7 files changed, 3797 insertions(+), 3796 deletions(-) delete mode 100644 updater/blockimg.c create mode 100644 updater/blockimg.cpp delete mode 100644 updater/install.c create mode 100644 updater/install.cpp delete mode 100644 updater/updater.c create mode 100644 updater/updater.cpp (limited to 'updater') diff --git a/updater/Android.mk b/updater/Android.mk index a0ea06fa5..0d4179b23 100644 --- a/updater/Android.mk +++ b/updater/Android.mk @@ -1,11 +1,23 @@ # Copyright 2009 The Android Open Source Project +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. LOCAL_PATH := $(call my-dir) updater_src_files := \ - install.c \ - blockimg.c \ - updater.c + install.cpp \ + blockimg.cpp \ + updater.cpp # # Build a statically-linked binary to include in OTA packages diff --git a/updater/blockimg.c b/updater/blockimg.c deleted file mode 100644 index a6a389507..000000000 --- a/updater/blockimg.c +++ /dev/null @@ -1,1994 +0,0 @@ -/* - * Copyright (C) 2014 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "applypatch/applypatch.h" -#include "edify/expr.h" -#include "mincrypt/sha.h" -#include "minzip/Hash.h" -#include "updater.h" - -#define BLOCKSIZE 4096 - -// Set this to 0 to interpret 'erase' transfers to mean do a -// BLKDISCARD ioctl (the normal behavior). Set to 1 to interpret -// erase to mean fill the region with zeroes. -#define DEBUG_ERASE 0 - -#ifndef BLKDISCARD -#define BLKDISCARD _IO(0x12,119) -#endif - -#define STASH_DIRECTORY_BASE "/cache/recovery" -#define STASH_DIRECTORY_MODE 0700 -#define STASH_FILE_MODE 0600 - -char* PrintSha1(const uint8_t* digest); - -typedef struct { - int count; - int size; - int pos[0]; -} RangeSet; - -#define RANGESET_MAX_POINTS \ - ((int)((INT_MAX / sizeof(int)) - sizeof(RangeSet))) - -static RangeSet* parse_range(char* text) { - char* save; - char* token; - int i, num; - long int val; - RangeSet* out = NULL; - size_t bufsize; - - if (!text) { - goto err; - } - - token = strtok_r(text, ",", &save); - - if (!token) { - goto err; - } - - val = strtol(token, NULL, 0); - - if (val < 2 || val > RANGESET_MAX_POINTS) { - goto err; - } else if (val % 2) { - goto err; // must be even - } - - num = (int) val; - bufsize = sizeof(RangeSet) + num * sizeof(int); - - out = malloc(bufsize); - - if (!out) { - fprintf(stderr, "failed to allocate range of %zu bytes\n", bufsize); - goto err; - } - - out->count = num / 2; - out->size = 0; - - for (i = 0; i < num; ++i) { - token = strtok_r(NULL, ",", &save); - - if (!token) { - goto err; - } - - val = strtol(token, NULL, 0); - - if (val < 0 || val > INT_MAX) { - goto err; - } - - out->pos[i] = (int) val; - - if (i % 2) { - if (out->pos[i - 1] >= out->pos[i]) { - goto err; // empty or negative range - } - - if (out->size > INT_MAX - out->pos[i]) { - goto err; // overflow - } - - out->size += out->pos[i]; - } else { - if (out->size < 0) { - goto err; - } - - out->size -= out->pos[i]; - } - } - - if (out->size <= 0) { - goto err; - } - - return out; - -err: - fprintf(stderr, "failed to parse range '%s'\n", text ? text : "NULL"); - exit(1); -} - -static int range_overlaps(RangeSet* r1, RangeSet* r2) { - int i, j, r1_0, r1_1, r2_0, r2_1; - - if (!r1 || !r2) { - return 0; - } - - for (i = 0; i < r1->count; ++i) { - r1_0 = r1->pos[i * 2]; - r1_1 = r1->pos[i * 2 + 1]; - - for (j = 0; j < r2->count; ++j) { - r2_0 = r2->pos[j * 2]; - r2_1 = r2->pos[j * 2 + 1]; - - if (!(r2_0 >= r1_1 || r1_0 >= r2_1)) { - return 1; - } - } - } - - return 0; -} - -static int read_all(int fd, uint8_t* data, size_t size) { - size_t so_far = 0; - while (so_far < size) { - ssize_t r = TEMP_FAILURE_RETRY(read(fd, data+so_far, size-so_far)); - if (r == -1) { - fprintf(stderr, "read failed: %s\n", strerror(errno)); - return -1; - } - so_far += r; - } - return 0; -} - -static int write_all(int fd, const uint8_t* data, size_t size) { - size_t written = 0; - while (written < size) { - ssize_t w = TEMP_FAILURE_RETRY(write(fd, data+written, size-written)); - if (w == -1) { - fprintf(stderr, "write failed: %s\n", strerror(errno)); - return -1; - } - written += w; - } - - if (fsync(fd) == -1) { - fprintf(stderr, "fsync failed: %s\n", strerror(errno)); - return -1; - } - - return 0; -} - -static bool check_lseek(int fd, off64_t offset, int whence) { - off64_t rc = TEMP_FAILURE_RETRY(lseek64(fd, offset, whence)); - if (rc == -1) { - fprintf(stderr, "lseek64 failed: %s\n", strerror(errno)); - return false; - } - return true; -} - -static void allocate(size_t size, uint8_t** buffer, size_t* buffer_alloc) { - // if the buffer's big enough, reuse it. - if (size <= *buffer_alloc) return; - - free(*buffer); - - *buffer = (uint8_t*) malloc(size); - if (*buffer == NULL) { - fprintf(stderr, "failed to allocate %zu bytes\n", size); - exit(1); - } - *buffer_alloc = size; -} - -typedef struct { - int fd; - RangeSet* tgt; - int p_block; - size_t p_remain; -} RangeSinkState; - -static ssize_t RangeSinkWrite(const uint8_t* data, ssize_t size, void* token) { - RangeSinkState* rss = (RangeSinkState*) token; - - if (rss->p_remain <= 0) { - fprintf(stderr, "range sink write overrun"); - return 0; - } - - ssize_t written = 0; - while (size > 0) { - size_t write_now = size; - - if (rss->p_remain < write_now) { - write_now = rss->p_remain; - } - - if (write_all(rss->fd, data, write_now) == -1) { - break; - } - - data += write_now; - size -= write_now; - - rss->p_remain -= write_now; - written += write_now; - - if (rss->p_remain == 0) { - // move to the next block - ++rss->p_block; - if (rss->p_block < rss->tgt->count) { - rss->p_remain = (rss->tgt->pos[rss->p_block * 2 + 1] - - rss->tgt->pos[rss->p_block * 2]) * BLOCKSIZE; - - if (!check_lseek(rss->fd, (off64_t)rss->tgt->pos[rss->p_block*2] * BLOCKSIZE, - SEEK_SET)) { - break; - } - } else { - // we can't write any more; return how many bytes have - // been written so far. - break; - } - } - } - - return written; -} - -// All of the data for all the 'new' transfers is contained in one -// file in the update package, concatenated together in the order in -// which transfers.list will need it. We want to stream it out of the -// archive (it's compressed) without writing it to a temp file, but we -// can't write each section until it's that transfer's turn to go. -// -// To achieve this, we expand the new data from the archive in a -// background thread, and block that threads 'receive uncompressed -// data' function until the main thread has reached a point where we -// want some new data to be written. We signal the background thread -// with the destination for the data and block the main thread, -// waiting for the background thread to complete writing that section. -// Then it signals the main thread to wake up and goes back to -// blocking waiting for a transfer. -// -// NewThreadInfo is the struct used to pass information back and forth -// between the two threads. When the main thread wants some data -// written, it sets rss to the destination location and signals the -// condition. When the background thread is done writing, it clears -// rss and signals the condition again. - -typedef struct { - ZipArchive* za; - const ZipEntry* entry; - - RangeSinkState* rss; - - pthread_mutex_t mu; - pthread_cond_t cv; -} NewThreadInfo; - -static bool receive_new_data(const unsigned char* data, int size, void* cookie) { - NewThreadInfo* nti = (NewThreadInfo*) cookie; - - while (size > 0) { - // Wait for nti->rss to be non-NULL, indicating some of this - // data is wanted. - pthread_mutex_lock(&nti->mu); - while (nti->rss == NULL) { - pthread_cond_wait(&nti->cv, &nti->mu); - } - pthread_mutex_unlock(&nti->mu); - - // At this point nti->rss is set, and we own it. The main - // thread is waiting for it to disappear from nti. - ssize_t written = RangeSinkWrite(data, size, nti->rss); - data += written; - size -= written; - - if (nti->rss->p_block == nti->rss->tgt->count) { - // we have written all the bytes desired by this rss. - - pthread_mutex_lock(&nti->mu); - nti->rss = NULL; - pthread_cond_broadcast(&nti->cv); - pthread_mutex_unlock(&nti->mu); - } - } - - return true; -} - -static void* unzip_new_data(void* cookie) { - NewThreadInfo* nti = (NewThreadInfo*) cookie; - mzProcessZipEntryContents(nti->za, nti->entry, receive_new_data, nti); - return NULL; -} - -static int ReadBlocks(RangeSet* src, uint8_t* buffer, int fd) { - int i; - size_t p = 0; - size_t size; - - if (!src || !buffer) { - return -1; - } - - for (i = 0; i < src->count; ++i) { - if (!check_lseek(fd, (off64_t) src->pos[i * 2] * BLOCKSIZE, SEEK_SET)) { - return -1; - } - - size = (src->pos[i * 2 + 1] - src->pos[i * 2]) * BLOCKSIZE; - - if (read_all(fd, buffer + p, size) == -1) { - return -1; - } - - p += size; - } - - return 0; -} - -static int WriteBlocks(RangeSet* tgt, uint8_t* buffer, int fd) { - int i; - size_t p = 0; - size_t size; - - if (!tgt || !buffer) { - return -1; - } - - for (i = 0; i < tgt->count; ++i) { - if (!check_lseek(fd, (off64_t) tgt->pos[i * 2] * BLOCKSIZE, SEEK_SET)) { - return -1; - } - - size = (tgt->pos[i * 2 + 1] - tgt->pos[i * 2]) * BLOCKSIZE; - - if (write_all(fd, buffer + p, size) == -1) { - return -1; - } - - p += size; - } - - return 0; -} - -// Do a source/target load for move/bsdiff/imgdiff in version 1. -// 'wordsave' is the save_ptr of a strtok_r()-in-progress. We expect -// to parse the remainder of the string as: -// -// -// -// The source range is loaded into the provided buffer, reallocating -// it to make it larger if necessary. The target ranges are returned -// in *tgt, if tgt is non-NULL. - -static int LoadSrcTgtVersion1(char** wordsave, RangeSet** tgt, int* src_blocks, - uint8_t** buffer, size_t* buffer_alloc, int fd) { - char* word; - int rc; - - word = strtok_r(NULL, " ", wordsave); - RangeSet* src = parse_range(word); - - if (tgt != NULL) { - word = strtok_r(NULL, " ", wordsave); - *tgt = parse_range(word); - } - - allocate(src->size * BLOCKSIZE, buffer, buffer_alloc); - rc = ReadBlocks(src, *buffer, fd); - *src_blocks = src->size; - - free(src); - return rc; -} - -static int VerifyBlocks(const char *expected, const uint8_t *buffer, - size_t blocks, int printerror) { - char* hexdigest = NULL; - int rc = -1; - uint8_t digest[SHA_DIGEST_SIZE]; - - if (!expected || !buffer) { - return rc; - } - - SHA_hash(buffer, blocks * BLOCKSIZE, digest); - hexdigest = PrintSha1(digest); - - if (hexdigest != NULL) { - rc = strcmp(expected, hexdigest); - - if (rc != 0 && printerror) { - fprintf(stderr, "failed to verify blocks (expected %s, read %s)\n", - expected, hexdigest); - } - - free(hexdigest); - } - - return rc; -} - -static char* GetStashFileName(const char* base, const char* id, const char* postfix) { - char* fn; - int len; - int res; - - if (base == NULL) { - return NULL; - } - - if (id == NULL) { - id = ""; - } - - if (postfix == NULL) { - postfix = ""; - } - - len = strlen(STASH_DIRECTORY_BASE) + 1 + strlen(base) + 1 + strlen(id) + strlen(postfix) + 1; - fn = malloc(len); - - if (fn == NULL) { - fprintf(stderr, "failed to malloc %d bytes for fn\n", len); - return NULL; - } - - res = snprintf(fn, len, STASH_DIRECTORY_BASE "/%s/%s%s", base, id, postfix); - - if (res < 0 || res >= len) { - fprintf(stderr, "failed to format file name (return value %d)\n", res); - free(fn); - return NULL; - } - - return fn; -} - -typedef void (*StashCallback)(const char*, void*); - -// Does a best effort enumeration of stash files. Ignores possible non-file -// items in the stash directory and continues despite of errors. Calls the -// 'callback' function for each file and passes 'data' to the function as a -// parameter. - -static void EnumerateStash(const char* dirname, StashCallback callback, void* data) { - char* fn; - DIR* directory; - int len; - int res; - struct dirent* item; - - if (dirname == NULL || callback == NULL) { - return; - } - - directory = opendir(dirname); - - if (directory == NULL) { - if (errno != ENOENT) { - fprintf(stderr, "opendir \"%s\" failed: %s\n", dirname, strerror(errno)); - } - return; - } - - while ((item = readdir(directory)) != NULL) { - if (item->d_type != DT_REG) { - continue; - } - - len = strlen(dirname) + 1 + strlen(item->d_name) + 1; - fn = malloc(len); - - if (fn == NULL) { - fprintf(stderr, "failed to malloc %d bytes for fn\n", len); - continue; - } - - res = snprintf(fn, len, "%s/%s", dirname, item->d_name); - - if (res < 0 || res >= len) { - fprintf(stderr, "failed to format file name (return value %d)\n", res); - free(fn); - continue; - } - - callback(fn, data); - free(fn); - } - - if (closedir(directory) == -1) { - fprintf(stderr, "closedir \"%s\" failed: %s\n", dirname, strerror(errno)); - } -} - -static void UpdateFileSize(const char* fn, void* data) { - int* size = (int*) data; - struct stat st; - - if (!fn || !data) { - return; - } - - if (stat(fn, &st) == -1) { - fprintf(stderr, "stat \"%s\" failed: %s\n", fn, strerror(errno)); - return; - } - - *size += st.st_size; -} - -// Deletes the stash directory and all files in it. Assumes that it only -// contains files. There is nothing we can do about unlikely, but possible -// errors, so they are merely logged. - -static void DeleteFile(const char* fn, void* data) { - if (fn) { - fprintf(stderr, "deleting %s\n", fn); - - if (unlink(fn) == -1 && errno != ENOENT) { - fprintf(stderr, "unlink \"%s\" failed: %s\n", fn, strerror(errno)); - } - } -} - -static void DeletePartial(const char* fn, void* data) { - if (fn && strstr(fn, ".partial") != NULL) { - DeleteFile(fn, data); - } -} - -static void DeleteStash(const char* base) { - char* dirname; - - if (base == NULL) { - return; - } - - dirname = GetStashFileName(base, NULL, NULL); - - if (dirname == NULL) { - return; - } - - fprintf(stderr, "deleting stash %s\n", base); - EnumerateStash(dirname, DeleteFile, NULL); - - if (rmdir(dirname) == -1) { - if (errno != ENOENT && errno != ENOTDIR) { - fprintf(stderr, "rmdir \"%s\" failed: %s\n", dirname, strerror(errno)); - } - } - - free(dirname); -} - -static int LoadStash(const char* base, const char* id, int verify, int* blocks, uint8_t** buffer, - size_t* buffer_alloc, int printnoent) { - char *fn = NULL; - int blockcount = 0; - int fd = -1; - int rc = -1; - int res; - struct stat st; - - if (!base || !id || !buffer || !buffer_alloc) { - goto lsout; - } - - if (!blocks) { - blocks = &blockcount; - } - - fn = GetStashFileName(base, id, NULL); - - if (fn == NULL) { - goto lsout; - } - - res = stat(fn, &st); - - if (res == -1) { - if (errno != ENOENT || printnoent) { - fprintf(stderr, "stat \"%s\" failed: %s\n", fn, strerror(errno)); - } - goto lsout; - } - - fprintf(stderr, " loading %s\n", fn); - - if ((st.st_size % BLOCKSIZE) != 0) { - fprintf(stderr, "%s size %zd not multiple of block size %d", fn, st.st_size, BLOCKSIZE); - goto lsout; - } - - fd = TEMP_FAILURE_RETRY(open(fn, O_RDONLY)); - - if (fd == -1) { - fprintf(stderr, "open \"%s\" failed: %s\n", fn, strerror(errno)); - goto lsout; - } - - allocate(st.st_size, buffer, buffer_alloc); - - if (read_all(fd, *buffer, st.st_size) == -1) { - goto lsout; - } - - *blocks = st.st_size / BLOCKSIZE; - - if (verify && VerifyBlocks(id, *buffer, *blocks, 1) != 0) { - fprintf(stderr, "unexpected contents in %s\n", fn); - DeleteFile(fn, NULL); - goto lsout; - } - - rc = 0; - -lsout: - if (fd != -1) { - close(fd); - } - - if (fn) { - free(fn); - } - - return rc; -} - -static int WriteStash(const char* base, const char* id, int blocks, uint8_t* buffer, - int checkspace, int *exists) { - char *fn = NULL; - char *cn = NULL; - int fd = -1; - int rc = -1; - int res; - struct stat st; - - if (base == NULL || buffer == NULL) { - goto wsout; - } - - if (checkspace && CacheSizeCheck(blocks * BLOCKSIZE) != 0) { - fprintf(stderr, "not enough space to write stash\n"); - goto wsout; - } - - fn = GetStashFileName(base, id, ".partial"); - cn = GetStashFileName(base, id, NULL); - - if (fn == NULL || cn == NULL) { - goto wsout; - } - - if (exists) { - res = stat(cn, &st); - - if (res == 0) { - // The file already exists and since the name is the hash of the contents, - // it's safe to assume the contents are identical (accidental hash collisions - // are unlikely) - fprintf(stderr, " skipping %d existing blocks in %s\n", blocks, cn); - *exists = 1; - rc = 0; - goto wsout; - } - - *exists = 0; - } - - fprintf(stderr, " writing %d blocks to %s\n", blocks, cn); - - fd = TEMP_FAILURE_RETRY(open(fn, O_WRONLY | O_CREAT | O_TRUNC | O_SYNC, STASH_FILE_MODE)); - - if (fd == -1) { - fprintf(stderr, "failed to create \"%s\": %s\n", fn, strerror(errno)); - goto wsout; - } - - if (write_all(fd, buffer, blocks * BLOCKSIZE) == -1) { - goto wsout; - } - - if (fsync(fd) == -1) { - fprintf(stderr, "fsync \"%s\" failed: %s\n", fn, strerror(errno)); - goto wsout; - } - - if (rename(fn, cn) == -1) { - fprintf(stderr, "rename(\"%s\", \"%s\") failed: %s\n", fn, cn, strerror(errno)); - goto wsout; - } - - rc = 0; - -wsout: - if (fd != -1) { - close(fd); - } - - if (fn) { - free(fn); - } - - if (cn) { - free(cn); - } - - return rc; -} - -// Creates a directory for storing stash files and checks if the /cache partition -// hash enough space for the expected amount of blocks we need to store. Returns -// >0 if we created the directory, zero if it existed already, and <0 of failure. - -static int CreateStash(State* state, int maxblocks, const char* blockdev, char** base) { - char* dirname = NULL; - const uint8_t* digest; - int rc = -1; - int res; - int size = 0; - SHA_CTX ctx; - struct stat st; - - if (blockdev == NULL || base == NULL) { - goto csout; - } - - // Stash directory should be different for each partition to avoid conflicts - // when updating multiple partitions at the same time, so we use the hash of - // the block device name as the base directory - SHA_init(&ctx); - SHA_update(&ctx, blockdev, strlen(blockdev)); - digest = SHA_final(&ctx); - *base = PrintSha1(digest); - - if (*base == NULL) { - goto csout; - } - - dirname = GetStashFileName(*base, NULL, NULL); - - if (dirname == NULL) { - goto csout; - } - - res = stat(dirname, &st); - - if (res == -1 && errno != ENOENT) { - ErrorAbort(state, "stat \"%s\" failed: %s\n", dirname, strerror(errno)); - goto csout; - } else if (res != 0) { - fprintf(stderr, "creating stash %s\n", dirname); - res = mkdir(dirname, STASH_DIRECTORY_MODE); - - if (res != 0) { - ErrorAbort(state, "mkdir \"%s\" failed: %s\n", dirname, strerror(errno)); - goto csout; - } - - if (CacheSizeCheck(maxblocks * BLOCKSIZE) != 0) { - ErrorAbort(state, "not enough space for stash\n"); - goto csout; - } - - rc = 1; // Created directory - goto csout; - } - - fprintf(stderr, "using existing stash %s\n", dirname); - - // If the directory already exists, calculate the space already allocated to - // stash files and check if there's enough for all required blocks. Delete any - // partially completed stash files first. - - EnumerateStash(dirname, DeletePartial, NULL); - EnumerateStash(dirname, UpdateFileSize, &size); - - size = (maxblocks * BLOCKSIZE) - size; - - if (size > 0 && CacheSizeCheck(size) != 0) { - ErrorAbort(state, "not enough space for stash (%d more needed)\n", size); - goto csout; - } - - rc = 0; // Using existing directory - -csout: - if (dirname) { - free(dirname); - } - - return rc; -} - -static int SaveStash(const char* base, char** wordsave, uint8_t** buffer, size_t* buffer_alloc, - int fd, int usehash, int* isunresumable) { - char *id = NULL; - int res = -1; - int blocks = 0; - - if (!wordsave || !buffer || !buffer_alloc || !isunresumable) { - return -1; - } - - id = strtok_r(NULL, " ", wordsave); - - if (id == NULL) { - fprintf(stderr, "missing id field in stash command\n"); - return -1; - } - - if (usehash && LoadStash(base, id, 1, &blocks, buffer, buffer_alloc, 0) == 0) { - // Stash file already exists and has expected contents. Do not - // read from source again, as the source may have been already - // overwritten during a previous attempt. - return 0; - } - - if (LoadSrcTgtVersion1(wordsave, NULL, &blocks, buffer, buffer_alloc, fd) == -1) { - return -1; - } - - if (usehash && VerifyBlocks(id, *buffer, blocks, 1) != 0) { - // Source blocks have unexpected contents. If we actually need this - // data later, this is an unrecoverable error. However, the command - // that uses the data may have already completed previously, so the - // possible failure will occur during source block verification. - fprintf(stderr, "failed to load source blocks for stash %s\n", id); - return 0; - } - - fprintf(stderr, "stashing %d blocks to %s\n", blocks, id); - return WriteStash(base, id, blocks, *buffer, 0, NULL); -} - -static int FreeStash(const char* base, const char* id) { - char *fn = NULL; - - if (base == NULL || id == NULL) { - return -1; - } - - fn = GetStashFileName(base, id, NULL); - - if (fn == NULL) { - return -1; - } - - DeleteFile(fn, NULL); - free(fn); - - return 0; -} - -static void MoveRange(uint8_t* dest, RangeSet* locs, const uint8_t* source) { - // source contains packed data, which we want to move to the - // locations given in *locs in the dest buffer. source and dest - // may be the same buffer. - - int start = locs->size; - int i; - for (i = locs->count-1; i >= 0; --i) { - int blocks = locs->pos[i*2+1] - locs->pos[i*2]; - start -= blocks; - memmove(dest + (locs->pos[i*2] * BLOCKSIZE), source + (start * BLOCKSIZE), - blocks * BLOCKSIZE); - } -} - -// Do a source/target load for move/bsdiff/imgdiff in version 2. -// 'wordsave' is the save_ptr of a strtok_r()-in-progress. We expect -// to parse the remainder of the string as one of: -// -// -// (loads data from source image only) -// -// - <[stash_id:stash_range] ...> -// (loads data from stashes only) -// -// <[stash_id:stash_range] ...> -// (loads data from both source image and stashes) -// -// On return, buffer is filled with the loaded source data (rearranged -// and combined with stashed data as necessary). buffer may be -// reallocated if needed to accommodate the source data. *tgt is the -// target RangeSet. Any stashes required are loaded using LoadStash. - -static int LoadSrcTgtVersion2(char** wordsave, RangeSet** tgt, int* src_blocks, - uint8_t** buffer, size_t* buffer_alloc, int fd, - const char* stashbase, int* overlap) { - char* word; - char* colonsave; - char* colon; - int id; - int res; - RangeSet* locs; - size_t stashalloc = 0; - uint8_t* stash = NULL; - - if (tgt != NULL) { - word = strtok_r(NULL, " ", wordsave); - *tgt = parse_range(word); - } - - word = strtok_r(NULL, " ", wordsave); - *src_blocks = strtol(word, NULL, 0); - - allocate(*src_blocks * BLOCKSIZE, buffer, buffer_alloc); - - word = strtok_r(NULL, " ", wordsave); - if (word[0] == '-' && word[1] == '\0') { - // no source ranges, only stashes - } else { - RangeSet* src = parse_range(word); - res = ReadBlocks(src, *buffer, fd); - - if (overlap && tgt) { - *overlap = range_overlaps(src, *tgt); - } - - free(src); - - if (res == -1) { - return -1; - } - - word = strtok_r(NULL, " ", wordsave); - if (word == NULL) { - // no stashes, only source range - return 0; - } - - locs = parse_range(word); - MoveRange(*buffer, locs, *buffer); - free(locs); - } - - while ((word = strtok_r(NULL, " ", wordsave)) != NULL) { - // Each word is a an index into the stash table, a colon, and - // then a rangeset describing where in the source block that - // stashed data should go. - colonsave = NULL; - colon = strtok_r(word, ":", &colonsave); - - res = LoadStash(stashbase, colon, 0, NULL, &stash, &stashalloc, 1); - - if (res == -1) { - // These source blocks will fail verification if used later, but we - // will let the caller decide if this is a fatal failure - fprintf(stderr, "failed to load stash %s\n", colon); - continue; - } - - colon = strtok_r(NULL, ":", &colonsave); - locs = parse_range(colon); - - MoveRange(*buffer, locs, stash); - free(locs); - } - - if (stash) { - free(stash); - } - - return 0; -} - -// Parameters for transfer list command functions -typedef struct { - char* cmdname; - char* cpos; - char* freestash; - char* stashbase; - int canwrite; - int createdstash; - int fd; - int foundwrites; - int isunresumable; - int version; - int written; - NewThreadInfo nti; - pthread_t thread; - size_t bufsize; - uint8_t* buffer; - uint8_t* patch_start; -} CommandParameters; - -// Do a source/target load for move/bsdiff/imgdiff in version 3. -// -// Parameters are the same as for LoadSrcTgtVersion2, except for 'onehash', which -// tells the function whether to expect separate source and targe block hashes, or -// if they are both the same and only one hash should be expected, and -// 'isunresumable', which receives a non-zero value if block verification fails in -// a way that the update cannot be resumed anymore. -// -// If the function is unable to load the necessary blocks or their contents don't -// match the hashes, the return value is -1 and the command should be aborted. -// -// If the return value is 1, the command has already been completed according to -// the contents of the target blocks, and should not be performed again. -// -// If the return value is 0, source blocks have expected content and the command -// can be performed. - -static int LoadSrcTgtVersion3(CommandParameters* params, RangeSet** tgt, int* src_blocks, - int onehash, int* overlap) { - char* srchash = NULL; - char* tgthash = NULL; - int stash_exists = 0; - int overlap_blocks = 0; - int rc = -1; - uint8_t* tgtbuffer = NULL; - - if (!params|| !tgt || !src_blocks || !overlap) { - goto v3out; - } - - srchash = strtok_r(NULL, " ", ¶ms->cpos); - - if (srchash == NULL) { - fprintf(stderr, "missing source hash\n"); - goto v3out; - } - - if (onehash) { - tgthash = srchash; - } else { - tgthash = strtok_r(NULL, " ", ¶ms->cpos); - - if (tgthash == NULL) { - fprintf(stderr, "missing target hash\n"); - goto v3out; - } - } - - if (LoadSrcTgtVersion2(¶ms->cpos, tgt, src_blocks, ¶ms->buffer, ¶ms->bufsize, - params->fd, params->stashbase, overlap) == -1) { - goto v3out; - } - - tgtbuffer = (uint8_t*) malloc((*tgt)->size * BLOCKSIZE); - - if (tgtbuffer == NULL) { - fprintf(stderr, "failed to allocate %d bytes\n", (*tgt)->size * BLOCKSIZE); - goto v3out; - } - - if (ReadBlocks(*tgt, tgtbuffer, params->fd) == -1) { - goto v3out; - } - - if (VerifyBlocks(tgthash, tgtbuffer, (*tgt)->size, 0) == 0) { - // Target blocks already have expected content, command should be skipped - rc = 1; - goto v3out; - } - - if (VerifyBlocks(srchash, params->buffer, *src_blocks, 1) == 0) { - // If source and target blocks overlap, stash the source blocks so we can - // resume from possible write errors - if (*overlap) { - fprintf(stderr, "stashing %d overlapping blocks to %s\n", *src_blocks, - srchash); - - if (WriteStash(params->stashbase, srchash, *src_blocks, params->buffer, 1, - &stash_exists) != 0) { - fprintf(stderr, "failed to stash overlapping source blocks\n"); - goto v3out; - } - - // Can be deleted when the write has completed - if (!stash_exists) { - params->freestash = srchash; - } - } - - // Source blocks have expected content, command can proceed - rc = 0; - goto v3out; - } - - if (*overlap && LoadStash(params->stashbase, srchash, 1, NULL, ¶ms->buffer, - ¶ms->bufsize, 1) == 0) { - // Overlapping source blocks were previously stashed, command can proceed. - // We are recovering from an interrupted command, so we don't know if the - // stash can safely be deleted after this command. - rc = 0; - goto v3out; - } - - // Valid source data not available, update cannot be resumed - fprintf(stderr, "partition has unexpected contents\n"); - params->isunresumable = 1; - -v3out: - if (tgtbuffer) { - free(tgtbuffer); - } - - return rc; -} - -static int PerformCommandMove(CommandParameters* params) { - int blocks = 0; - int overlap = 0; - int rc = -1; - int status = 0; - RangeSet* tgt = NULL; - - if (!params) { - goto pcmout; - } - - if (params->version == 1) { - status = LoadSrcTgtVersion1(¶ms->cpos, &tgt, &blocks, ¶ms->buffer, - ¶ms->bufsize, params->fd); - } else if (params->version == 2) { - status = LoadSrcTgtVersion2(¶ms->cpos, &tgt, &blocks, ¶ms->buffer, - ¶ms->bufsize, params->fd, params->stashbase, NULL); - } else if (params->version >= 3) { - status = LoadSrcTgtVersion3(params, &tgt, &blocks, 1, &overlap); - } - - if (status == -1) { - fprintf(stderr, "failed to read blocks for move\n"); - goto pcmout; - } - - if (status == 0) { - params->foundwrites = 1; - } else if (params->foundwrites) { - fprintf(stderr, "warning: commands executed out of order [%s]\n", params->cmdname); - } - - if (params->canwrite) { - if (status == 0) { - fprintf(stderr, " moving %d blocks\n", blocks); - - if (WriteBlocks(tgt, params->buffer, params->fd) == -1) { - goto pcmout; - } - } else { - fprintf(stderr, "skipping %d already moved blocks\n", blocks); - } - - } - - if (params->freestash) { - FreeStash(params->stashbase, params->freestash); - params->freestash = NULL; - } - - params->written += tgt->size; - rc = 0; - -pcmout: - if (tgt) { - free(tgt); - } - - return rc; -} - -static int PerformCommandStash(CommandParameters* params) { - if (!params) { - return -1; - } - - return SaveStash(params->stashbase, ¶ms->cpos, ¶ms->buffer, ¶ms->bufsize, - params->fd, (params->version >= 3), ¶ms->isunresumable); -} - -static int PerformCommandFree(CommandParameters* params) { - if (!params) { - return -1; - } - - if (params->createdstash || params->canwrite) { - return FreeStash(params->stashbase, params->cpos); - } - - return 0; -} - -static int PerformCommandZero(CommandParameters* params) { - char* range = NULL; - int i; - int j; - int rc = -1; - RangeSet* tgt = NULL; - - if (!params) { - goto pczout; - } - - range = strtok_r(NULL, " ", ¶ms->cpos); - - if (range == NULL) { - fprintf(stderr, "missing target blocks for zero\n"); - goto pczout; - } - - tgt = parse_range(range); - - fprintf(stderr, " zeroing %d blocks\n", tgt->size); - - allocate(BLOCKSIZE, ¶ms->buffer, ¶ms->bufsize); - memset(params->buffer, 0, BLOCKSIZE); - - if (params->canwrite) { - for (i = 0; i < tgt->count; ++i) { - if (!check_lseek(params->fd, (off64_t) tgt->pos[i * 2] * BLOCKSIZE, SEEK_SET)) { - goto pczout; - } - - for (j = tgt->pos[i * 2]; j < tgt->pos[i * 2 + 1]; ++j) { - if (write_all(params->fd, params->buffer, BLOCKSIZE) == -1) { - goto pczout; - } - } - } - } - - if (params->cmdname[0] == 'z') { - // Update only for the zero command, as the erase command will call - // this if DEBUG_ERASE is defined. - params->written += tgt->size; - } - - rc = 0; - -pczout: - if (tgt) { - free(tgt); - } - - return rc; -} - -static int PerformCommandNew(CommandParameters* params) { - char* range = NULL; - int rc = -1; - RangeSet* tgt = NULL; - RangeSinkState rss; - - if (!params) { - goto pcnout; - } - - range = strtok_r(NULL, " ", ¶ms->cpos); - - if (range == NULL) { - goto pcnout; - } - - tgt = parse_range(range); - - if (params->canwrite) { - fprintf(stderr, " writing %d blocks of new data\n", tgt->size); - - rss.fd = params->fd; - rss.tgt = tgt; - rss.p_block = 0; - rss.p_remain = (tgt->pos[1] - tgt->pos[0]) * BLOCKSIZE; - - if (!check_lseek(params->fd, (off64_t) tgt->pos[0] * BLOCKSIZE, SEEK_SET)) { - goto pcnout; - } - - pthread_mutex_lock(¶ms->nti.mu); - params->nti.rss = &rss; - pthread_cond_broadcast(¶ms->nti.cv); - - while (params->nti.rss) { - pthread_cond_wait(¶ms->nti.cv, ¶ms->nti.mu); - } - - pthread_mutex_unlock(¶ms->nti.mu); - } - - params->written += tgt->size; - rc = 0; - -pcnout: - if (tgt) { - free(tgt); - } - - return rc; -} - -static int PerformCommandDiff(CommandParameters* params) { - char* logparams = NULL; - char* value = NULL; - int blocks = 0; - int overlap = 0; - int rc = -1; - int status = 0; - RangeSet* tgt = NULL; - RangeSinkState rss; - size_t len = 0; - size_t offset = 0; - Value patch_value; - - if (!params) { - goto pcdout; - } - - logparams = strdup(params->cpos); - value = strtok_r(NULL, " ", ¶ms->cpos); - - if (value == NULL) { - fprintf(stderr, "missing patch offset for %s\n", params->cmdname); - goto pcdout; - } - - offset = strtoul(value, NULL, 0); - - value = strtok_r(NULL, " ", ¶ms->cpos); - - if (value == NULL) { - fprintf(stderr, "missing patch length for %s\n", params->cmdname); - goto pcdout; - } - - len = strtoul(value, NULL, 0); - - if (params->version == 1) { - status = LoadSrcTgtVersion1(¶ms->cpos, &tgt, &blocks, ¶ms->buffer, - ¶ms->bufsize, params->fd); - } else if (params->version == 2) { - status = LoadSrcTgtVersion2(¶ms->cpos, &tgt, &blocks, ¶ms->buffer, - ¶ms->bufsize, params->fd, params->stashbase, NULL); - } else if (params->version >= 3) { - status = LoadSrcTgtVersion3(params, &tgt, &blocks, 0, &overlap); - } - - if (status == -1) { - fprintf(stderr, "failed to read blocks for diff\n"); - goto pcdout; - } - - if (status == 0) { - params->foundwrites = 1; - } else if (params->foundwrites) { - fprintf(stderr, "warning: commands executed out of order [%s]\n", params->cmdname); - } - - if (params->canwrite) { - if (status == 0) { - fprintf(stderr, "patching %d blocks to %d\n", blocks, tgt->size); - - patch_value.type = VAL_BLOB; - patch_value.size = len; - patch_value.data = (char*) (params->patch_start + offset); - - rss.fd = params->fd; - rss.tgt = tgt; - rss.p_block = 0; - rss.p_remain = (tgt->pos[1] - tgt->pos[0]) * BLOCKSIZE; - - if (!check_lseek(params->fd, (off64_t) tgt->pos[0] * BLOCKSIZE, SEEK_SET)) { - goto pcdout; - } - - if (params->cmdname[0] == 'i') { // imgdiff - ApplyImagePatch(params->buffer, blocks * BLOCKSIZE, &patch_value, - &RangeSinkWrite, &rss, NULL, NULL); - } else { - ApplyBSDiffPatch(params->buffer, blocks * BLOCKSIZE, &patch_value, - 0, &RangeSinkWrite, &rss, NULL); - } - - // We expect the output of the patcher to fill the tgt ranges exactly. - if (rss.p_block != tgt->count || rss.p_remain != 0) { - fprintf(stderr, "range sink underrun?\n"); - } - } else { - fprintf(stderr, "skipping %d blocks already patched to %d [%s]\n", - blocks, tgt->size, logparams); - } - } - - if (params->freestash) { - FreeStash(params->stashbase, params->freestash); - params->freestash = NULL; - } - - params->written += tgt->size; - rc = 0; - -pcdout: - if (logparams) { - free(logparams); - } - - if (tgt) { - free(tgt); - } - - return rc; -} - -static int PerformCommandErase(CommandParameters* params) { - char* range = NULL; - int i; - int rc = -1; - RangeSet* tgt = NULL; - struct stat st; - uint64_t blocks[2]; - - if (DEBUG_ERASE) { - return PerformCommandZero(params); - } - - if (!params) { - goto pceout; - } - - if (fstat(params->fd, &st) == -1) { - fprintf(stderr, "failed to fstat device to erase: %s\n", strerror(errno)); - goto pceout; - } - - if (!S_ISBLK(st.st_mode)) { - fprintf(stderr, "not a block device; skipping erase\n"); - goto pceout; - } - - range = strtok_r(NULL, " ", ¶ms->cpos); - - if (range == NULL) { - fprintf(stderr, "missing target blocks for zero\n"); - goto pceout; - } - - tgt = parse_range(range); - - if (params->canwrite) { - fprintf(stderr, " erasing %d blocks\n", tgt->size); - - for (i = 0; i < tgt->count; ++i) { - // offset in bytes - blocks[0] = tgt->pos[i * 2] * (uint64_t) BLOCKSIZE; - // length in bytes - blocks[1] = (tgt->pos[i * 2 + 1] - tgt->pos[i * 2]) * (uint64_t) BLOCKSIZE; - - if (ioctl(params->fd, BLKDISCARD, &blocks) == -1) { - fprintf(stderr, "BLKDISCARD ioctl failed: %s\n", strerror(errno)); - goto pceout; - } - } - } - - rc = 0; - -pceout: - if (tgt) { - free(tgt); - } - - return rc; -} - -// Definitions for transfer list command functions -typedef int (*CommandFunction)(CommandParameters*); - -typedef struct { - const char* name; - CommandFunction f; -} Command; - -// CompareCommands and CompareCommandNames are for the hash table - -static int CompareCommands(const void* c1, const void* c2) { - return strcmp(((const Command*) c1)->name, ((const Command*) c2)->name); -} - -static int CompareCommandNames(const void* c1, const void* c2) { - return strcmp(((const Command*) c1)->name, (const char*) c2); -} - -// HashString is used to hash command names for the hash table - -static unsigned int HashString(const char *s) { - unsigned int hash = 0; - if (s) { - while (*s) { - hash = hash * 33 + *s++; - } - } - return hash; -} - -// args: -// - block device (or file) to modify in-place -// - transfer list (blob) -// - new data stream (filename within package.zip) -// - patch stream (filename within package.zip, must be uncompressed) - -static Value* PerformBlockImageUpdate(const char* name, State* state, int argc, Expr* argv[], - const Command* commands, int cmdcount, int dryrun) { - - char* line = NULL; - char* linesave = NULL; - char* logcmd = NULL; - char* transfer_list = NULL; - CommandParameters params; - const Command* cmd = NULL; - const ZipEntry* new_entry = NULL; - const ZipEntry* patch_entry = NULL; - FILE* cmd_pipe = NULL; - HashTable* cmdht = NULL; - int i; - int res; - int rc = -1; - int stash_max_blocks = 0; - int total_blocks = 0; - pthread_attr_t attr; - unsigned int cmdhash; - UpdaterInfo* ui = NULL; - Value* blockdev_filename = NULL; - Value* new_data_fn = NULL; - Value* patch_data_fn = NULL; - Value* transfer_list_value = NULL; - ZipArchive* za = NULL; - - memset(¶ms, 0, sizeof(params)); - params.canwrite = !dryrun; - - fprintf(stderr, "performing %s\n", dryrun ? "verification" : "update"); - - if (ReadValueArgs(state, argv, 4, &blockdev_filename, &transfer_list_value, - &new_data_fn, &patch_data_fn) < 0) { - goto pbiudone; - } - - if (blockdev_filename->type != VAL_STRING) { - ErrorAbort(state, "blockdev_filename argument to %s must be string", name); - goto pbiudone; - } - if (transfer_list_value->type != VAL_BLOB) { - ErrorAbort(state, "transfer_list argument to %s must be blob", name); - goto pbiudone; - } - if (new_data_fn->type != VAL_STRING) { - ErrorAbort(state, "new_data_fn argument to %s must be string", name); - goto pbiudone; - } - if (patch_data_fn->type != VAL_STRING) { - ErrorAbort(state, "patch_data_fn argument to %s must be string", name); - goto pbiudone; - } - - ui = (UpdaterInfo*) state->cookie; - - if (ui == NULL) { - goto pbiudone; - } - - cmd_pipe = ui->cmd_pipe; - za = ui->package_zip; - - if (cmd_pipe == NULL || za == NULL) { - goto pbiudone; - } - - patch_entry = mzFindZipEntry(za, patch_data_fn->data); - - if (patch_entry == NULL) { - fprintf(stderr, "%s(): no file \"%s\" in package", name, patch_data_fn->data); - goto pbiudone; - } - - params.patch_start = ui->package_zip_addr + mzGetZipEntryOffset(patch_entry); - new_entry = mzFindZipEntry(za, new_data_fn->data); - - if (new_entry == NULL) { - fprintf(stderr, "%s(): no file \"%s\" in package", name, new_data_fn->data); - goto pbiudone; - } - - params.fd = TEMP_FAILURE_RETRY(open(blockdev_filename->data, O_RDWR)); - - if (params.fd == -1) { - fprintf(stderr, "open \"%s\" failed: %s\n", blockdev_filename->data, strerror(errno)); - goto pbiudone; - } - - if (params.canwrite) { - params.nti.za = za; - params.nti.entry = new_entry; - - pthread_mutex_init(¶ms.nti.mu, NULL); - pthread_cond_init(¶ms.nti.cv, NULL); - pthread_attr_init(&attr); - pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_JOINABLE); - - int error = pthread_create(¶ms.thread, &attr, unzip_new_data, ¶ms.nti); - if (error != 0) { - fprintf(stderr, "pthread_create failed: %s\n", strerror(error)); - goto pbiudone; - } - } - - // The data in transfer_list_value is not necessarily null-terminated, so we need - // to copy it to a new buffer and add the null that strtok_r will need. - transfer_list = malloc(transfer_list_value->size + 1); - - if (transfer_list == NULL) { - fprintf(stderr, "failed to allocate %zd bytes for transfer list\n", - transfer_list_value->size + 1); - goto pbiudone; - } - - memcpy(transfer_list, transfer_list_value->data, transfer_list_value->size); - transfer_list[transfer_list_value->size] = '\0'; - - // First line in transfer list is the version number - line = strtok_r(transfer_list, "\n", &linesave); - params.version = strtol(line, NULL, 0); - - if (params.version < 1 || params.version > 3) { - fprintf(stderr, "unexpected transfer list version [%s]\n", line); - goto pbiudone; - } - - fprintf(stderr, "blockimg version is %d\n", params.version); - - // Second line in transfer list is the total number of blocks we expect to write - line = strtok_r(NULL, "\n", &linesave); - total_blocks = strtol(line, NULL, 0); - - if (total_blocks < 0) { - ErrorAbort(state, "unexpected block count [%s]\n", line); - goto pbiudone; - } else if (total_blocks == 0) { - rc = 0; - goto pbiudone; - } - - if (params.version >= 2) { - // Third line is how many stash entries are needed simultaneously - line = strtok_r(NULL, "\n", &linesave); - fprintf(stderr, "maximum stash entries %s\n", line); - - // Fourth line is the maximum number of blocks that will be stashed simultaneously - line = strtok_r(NULL, "\n", &linesave); - stash_max_blocks = strtol(line, NULL, 0); - - if (stash_max_blocks < 0) { - ErrorAbort(state, "unexpected maximum stash blocks [%s]\n", line); - goto pbiudone; - } - - if (stash_max_blocks >= 0) { - res = CreateStash(state, stash_max_blocks, blockdev_filename->data, - ¶ms.stashbase); - - if (res == -1) { - goto pbiudone; - } - - params.createdstash = res; - } - } - - // Build a hash table of the available commands - cmdht = mzHashTableCreate(cmdcount, NULL); - - for (i = 0; i < cmdcount; ++i) { - cmdhash = HashString(commands[i].name); - mzHashTableLookup(cmdht, cmdhash, (void*) &commands[i], CompareCommands, true); - } - - // Subsequent lines are all individual transfer commands - for (line = strtok_r(NULL, "\n", &linesave); line; - line = strtok_r(NULL, "\n", &linesave)) { - - logcmd = strdup(line); - params.cmdname = strtok_r(line, " ", ¶ms.cpos); - - if (params.cmdname == NULL) { - fprintf(stderr, "missing command [%s]\n", line); - goto pbiudone; - } - - cmdhash = HashString(params.cmdname); - cmd = (const Command*) mzHashTableLookup(cmdht, cmdhash, params.cmdname, - CompareCommandNames, false); - - if (cmd == NULL) { - fprintf(stderr, "unexpected command [%s]\n", params.cmdname); - goto pbiudone; - } - - if (cmd->f != NULL && cmd->f(¶ms) == -1) { - fprintf(stderr, "failed to execute command [%s]\n", - logcmd ? logcmd : params.cmdname); - goto pbiudone; - } - - if (logcmd) { - free(logcmd); - logcmd = NULL; - } - - if (params.canwrite) { - fprintf(cmd_pipe, "set_progress %.4f\n", (double) params.written / total_blocks); - fflush(cmd_pipe); - } - } - - if (params.canwrite) { - pthread_join(params.thread, NULL); - - fprintf(stderr, "wrote %d blocks; expected %d\n", params.written, total_blocks); - fprintf(stderr, "max alloc needed was %zu\n", params.bufsize); - - // Delete stash only after successfully completing the update, as it - // may contain blocks needed to complete the update later. - DeleteStash(params.stashbase); - } else { - fprintf(stderr, "verified partition contents; update may be resumed\n"); - } - - rc = 0; - -pbiudone: - if (params.fd != -1) { - if (fsync(params.fd) == -1) { - fprintf(stderr, "fsync failed: %s\n", strerror(errno)); - } - close(params.fd); - } - - if (logcmd) { - free(logcmd); - } - - if (cmdht) { - mzHashTableFree(cmdht); - } - - if (params.buffer) { - free(params.buffer); - } - - if (transfer_list) { - free(transfer_list); - } - - if (blockdev_filename) { - FreeValue(blockdev_filename); - } - - if (transfer_list_value) { - FreeValue(transfer_list_value); - } - - if (new_data_fn) { - FreeValue(new_data_fn); - } - - if (patch_data_fn) { - FreeValue(patch_data_fn); - } - - // Only delete the stash if the update cannot be resumed, or it's - // a verification run and we created the stash. - if (params.isunresumable || (!params.canwrite && params.createdstash)) { - DeleteStash(params.stashbase); - } - - if (params.stashbase) { - free(params.stashbase); - } - - return StringValue(rc == 0 ? strdup("t") : strdup("")); -} - -// The transfer list is a text file containing commands to -// transfer data from one place to another on the target -// partition. We parse it and execute the commands in order: -// -// zero [rangeset] -// - fill the indicated blocks with zeros -// -// new [rangeset] -// - fill the blocks with data read from the new_data file -// -// erase [rangeset] -// - mark the given blocks as empty -// -// move <...> -// bsdiff <...> -// imgdiff <...> -// - read the source blocks, apply a patch (or not in the -// case of move), write result to target blocks. bsdiff or -// imgdiff specifies the type of patch; move means no patch -// at all. -// -// The format of <...> differs between versions 1 and 2; -// see the LoadSrcTgtVersion{1,2}() functions for a -// description of what's expected. -// -// stash -// - (version 2+ only) load the given source range and stash -// the data in the given slot of the stash table. -// -// The creator of the transfer list will guarantee that no block -// is read (ie, used as the source for a patch or move) after it -// has been written. -// -// In version 2, the creator will guarantee that a given stash is -// loaded (with a stash command) before it's used in a -// move/bsdiff/imgdiff command. -// -// Within one command the source and target ranges may overlap so -// in general we need to read the entire source into memory before -// writing anything to the target blocks. -// -// All the patch data is concatenated into one patch_data file in -// the update package. It must be stored uncompressed because we -// memory-map it in directly from the archive. (Since patches are -// already compressed, we lose very little by not compressing -// their concatenation.) -// -// In version 3, commands that read data from the partition (i.e. -// move/bsdiff/imgdiff/stash) have one or more additional hashes -// before the range parameters, which are used to check if the -// command has already been completed and verify the integrity of -// the source data. - -Value* BlockImageVerifyFn(const char* name, State* state, int argc, Expr* argv[]) { - // Commands which are not tested are set to NULL to skip them completely - const Command commands[] = { - { "bsdiff", PerformCommandDiff }, - { "erase", NULL }, - { "free", PerformCommandFree }, - { "imgdiff", PerformCommandDiff }, - { "move", PerformCommandMove }, - { "new", NULL }, - { "stash", PerformCommandStash }, - { "zero", NULL } - }; - - // Perform a dry run without writing to test if an update can proceed - return PerformBlockImageUpdate(name, state, argc, argv, commands, - sizeof(commands) / sizeof(commands[0]), 1); -} - -Value* BlockImageUpdateFn(const char* name, State* state, int argc, Expr* argv[]) { - const Command commands[] = { - { "bsdiff", PerformCommandDiff }, - { "erase", PerformCommandErase }, - { "free", PerformCommandFree }, - { "imgdiff", PerformCommandDiff }, - { "move", PerformCommandMove }, - { "new", PerformCommandNew }, - { "stash", PerformCommandStash }, - { "zero", PerformCommandZero } - }; - - return PerformBlockImageUpdate(name, state, argc, argv, commands, - sizeof(commands) / sizeof(commands[0]), 0); -} - -Value* RangeSha1Fn(const char* name, State* state, int argc, Expr* argv[]) { - Value* blockdev_filename; - Value* ranges; - const uint8_t* digest = NULL; - if (ReadValueArgs(state, argv, 2, &blockdev_filename, &ranges) < 0) { - return NULL; - } - - if (blockdev_filename->type != VAL_STRING) { - ErrorAbort(state, "blockdev_filename argument to %s must be string", name); - goto done; - } - if (ranges->type != VAL_STRING) { - ErrorAbort(state, "ranges argument to %s must be string", name); - goto done; - } - - int fd = open(blockdev_filename->data, O_RDWR); - if (fd < 0) { - ErrorAbort(state, "open \"%s\" failed: %s", blockdev_filename->data, strerror(errno)); - goto done; - } - - RangeSet* rs = parse_range(ranges->data); - uint8_t buffer[BLOCKSIZE]; - - SHA_CTX ctx; - SHA_init(&ctx); - - int i, j; - for (i = 0; i < rs->count; ++i) { - if (!check_lseek(fd, (off64_t)rs->pos[i*2] * BLOCKSIZE, SEEK_SET)) { - ErrorAbort(state, "failed to seek %s: %s", blockdev_filename->data, - strerror(errno)); - goto done; - } - - for (j = rs->pos[i*2]; j < rs->pos[i*2+1]; ++j) { - if (read_all(fd, buffer, BLOCKSIZE) == -1) { - ErrorAbort(state, "failed to read %s: %s", blockdev_filename->data, - strerror(errno)); - goto done; - } - - SHA_update(&ctx, buffer, BLOCKSIZE); - } - } - digest = SHA_final(&ctx); - close(fd); - - done: - FreeValue(blockdev_filename); - FreeValue(ranges); - if (digest == NULL) { - return StringValue(strdup("")); - } else { - return StringValue(PrintSha1(digest)); - } -} - -void RegisterBlockImageFunctions() { - RegisterFunction("block_image_verify", BlockImageVerifyFn); - RegisterFunction("block_image_update", BlockImageUpdateFn); - RegisterFunction("range_sha1", RangeSha1Fn); -} diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp new file mode 100644 index 000000000..258d97552 --- /dev/null +++ b/updater/blockimg.cpp @@ -0,0 +1,1991 @@ +/* + * Copyright (C) 2014 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "applypatch/applypatch.h" +#include "edify/expr.h" +#include "mincrypt/sha.h" +#include "minzip/Hash.h" +#include "updater.h" + +#define BLOCKSIZE 4096 + +// Set this to 0 to interpret 'erase' transfers to mean do a +// BLKDISCARD ioctl (the normal behavior). Set to 1 to interpret +// erase to mean fill the region with zeroes. +#define DEBUG_ERASE 0 + +#define STASH_DIRECTORY_BASE "/cache/recovery" +#define STASH_DIRECTORY_MODE 0700 +#define STASH_FILE_MODE 0600 + +char* PrintSha1(const uint8_t* digest); + +typedef struct { + int count; + int size; + int pos[0]; +} RangeSet; + +#define RANGESET_MAX_POINTS \ + ((int)((INT_MAX / sizeof(int)) - sizeof(RangeSet))) + +static RangeSet* parse_range(char* text) { + char* save; + char* token; + int num; + long int val; + RangeSet* out = NULL; + size_t bufsize; + + if (!text) { + goto err; + } + + token = strtok_r(text, ",", &save); + + if (!token) { + goto err; + } + + val = strtol(token, NULL, 0); + + if (val < 2 || val > RANGESET_MAX_POINTS) { + goto err; + } else if (val % 2) { + goto err; // must be even + } + + num = (int) val; + bufsize = sizeof(RangeSet) + num * sizeof(int); + + out = reinterpret_cast(malloc(bufsize)); + + if (!out) { + fprintf(stderr, "failed to allocate range of %zu bytes\n", bufsize); + goto err; + } + + out->count = num / 2; + out->size = 0; + + for (int i = 0; i < num; ++i) { + token = strtok_r(NULL, ",", &save); + + if (!token) { + goto err; + } + + val = strtol(token, NULL, 0); + + if (val < 0 || val > INT_MAX) { + goto err; + } + + out->pos[i] = (int) val; + + if (i % 2) { + if (out->pos[i - 1] >= out->pos[i]) { + goto err; // empty or negative range + } + + if (out->size > INT_MAX - out->pos[i]) { + goto err; // overflow + } + + out->size += out->pos[i]; + } else { + if (out->size < 0) { + goto err; + } + + out->size -= out->pos[i]; + } + } + + if (out->size <= 0) { + goto err; + } + + return out; + +err: + fprintf(stderr, "failed to parse range '%s'\n", text ? text : "NULL"); + exit(1); +} + +static int range_overlaps(RangeSet* r1, RangeSet* r2) { + int i, j, r1_0, r1_1, r2_0, r2_1; + + if (!r1 || !r2) { + return 0; + } + + for (i = 0; i < r1->count; ++i) { + r1_0 = r1->pos[i * 2]; + r1_1 = r1->pos[i * 2 + 1]; + + for (j = 0; j < r2->count; ++j) { + r2_0 = r2->pos[j * 2]; + r2_1 = r2->pos[j * 2 + 1]; + + if (!(r2_0 >= r1_1 || r1_0 >= r2_1)) { + return 1; + } + } + } + + return 0; +} + +static int read_all(int fd, uint8_t* data, size_t size) { + size_t so_far = 0; + while (so_far < size) { + ssize_t r = TEMP_FAILURE_RETRY(read(fd, data+so_far, size-so_far)); + if (r == -1) { + fprintf(stderr, "read failed: %s\n", strerror(errno)); + return -1; + } + so_far += r; + } + return 0; +} + +static int write_all(int fd, const uint8_t* data, size_t size) { + size_t written = 0; + while (written < size) { + ssize_t w = TEMP_FAILURE_RETRY(write(fd, data+written, size-written)); + if (w == -1) { + fprintf(stderr, "write failed: %s\n", strerror(errno)); + return -1; + } + written += w; + } + + if (fsync(fd) == -1) { + fprintf(stderr, "fsync failed: %s\n", strerror(errno)); + return -1; + } + + return 0; +} + +static bool check_lseek(int fd, off64_t offset, int whence) { + off64_t rc = TEMP_FAILURE_RETRY(lseek64(fd, offset, whence)); + if (rc == -1) { + fprintf(stderr, "lseek64 failed: %s\n", strerror(errno)); + return false; + } + return true; +} + +static void allocate(size_t size, uint8_t** buffer, size_t* buffer_alloc) { + // if the buffer's big enough, reuse it. + if (size <= *buffer_alloc) return; + + free(*buffer); + + *buffer = (uint8_t*) malloc(size); + if (*buffer == NULL) { + fprintf(stderr, "failed to allocate %zu bytes\n", size); + exit(1); + } + *buffer_alloc = size; +} + +typedef struct { + int fd; + RangeSet* tgt; + int p_block; + size_t p_remain; +} RangeSinkState; + +static ssize_t RangeSinkWrite(const uint8_t* data, ssize_t size, void* token) { + RangeSinkState* rss = (RangeSinkState*) token; + + if (rss->p_remain <= 0) { + fprintf(stderr, "range sink write overrun"); + return 0; + } + + ssize_t written = 0; + while (size > 0) { + size_t write_now = size; + + if (rss->p_remain < write_now) { + write_now = rss->p_remain; + } + + if (write_all(rss->fd, data, write_now) == -1) { + break; + } + + data += write_now; + size -= write_now; + + rss->p_remain -= write_now; + written += write_now; + + if (rss->p_remain == 0) { + // move to the next block + ++rss->p_block; + if (rss->p_block < rss->tgt->count) { + rss->p_remain = (rss->tgt->pos[rss->p_block * 2 + 1] - + rss->tgt->pos[rss->p_block * 2]) * BLOCKSIZE; + + if (!check_lseek(rss->fd, (off64_t)rss->tgt->pos[rss->p_block*2] * BLOCKSIZE, + SEEK_SET)) { + break; + } + } else { + // we can't write any more; return how many bytes have + // been written so far. + break; + } + } + } + + return written; +} + +// All of the data for all the 'new' transfers is contained in one +// file in the update package, concatenated together in the order in +// which transfers.list will need it. We want to stream it out of the +// archive (it's compressed) without writing it to a temp file, but we +// can't write each section until it's that transfer's turn to go. +// +// To achieve this, we expand the new data from the archive in a +// background thread, and block that threads 'receive uncompressed +// data' function until the main thread has reached a point where we +// want some new data to be written. We signal the background thread +// with the destination for the data and block the main thread, +// waiting for the background thread to complete writing that section. +// Then it signals the main thread to wake up and goes back to +// blocking waiting for a transfer. +// +// NewThreadInfo is the struct used to pass information back and forth +// between the two threads. When the main thread wants some data +// written, it sets rss to the destination location and signals the +// condition. When the background thread is done writing, it clears +// rss and signals the condition again. + +typedef struct { + ZipArchive* za; + const ZipEntry* entry; + + RangeSinkState* rss; + + pthread_mutex_t mu; + pthread_cond_t cv; +} NewThreadInfo; + +static bool receive_new_data(const unsigned char* data, int size, void* cookie) { + NewThreadInfo* nti = (NewThreadInfo*) cookie; + + while (size > 0) { + // Wait for nti->rss to be non-NULL, indicating some of this + // data is wanted. + pthread_mutex_lock(&nti->mu); + while (nti->rss == NULL) { + pthread_cond_wait(&nti->cv, &nti->mu); + } + pthread_mutex_unlock(&nti->mu); + + // At this point nti->rss is set, and we own it. The main + // thread is waiting for it to disappear from nti. + ssize_t written = RangeSinkWrite(data, size, nti->rss); + data += written; + size -= written; + + if (nti->rss->p_block == nti->rss->tgt->count) { + // we have written all the bytes desired by this rss. + + pthread_mutex_lock(&nti->mu); + nti->rss = NULL; + pthread_cond_broadcast(&nti->cv); + pthread_mutex_unlock(&nti->mu); + } + } + + return true; +} + +static void* unzip_new_data(void* cookie) { + NewThreadInfo* nti = (NewThreadInfo*) cookie; + mzProcessZipEntryContents(nti->za, nti->entry, receive_new_data, nti); + return NULL; +} + +static int ReadBlocks(RangeSet* src, uint8_t* buffer, int fd) { + int i; + size_t p = 0; + size_t size; + + if (!src || !buffer) { + return -1; + } + + for (i = 0; i < src->count; ++i) { + if (!check_lseek(fd, (off64_t) src->pos[i * 2] * BLOCKSIZE, SEEK_SET)) { + return -1; + } + + size = (src->pos[i * 2 + 1] - src->pos[i * 2]) * BLOCKSIZE; + + if (read_all(fd, buffer + p, size) == -1) { + return -1; + } + + p += size; + } + + return 0; +} + +static int WriteBlocks(RangeSet* tgt, uint8_t* buffer, int fd) { + int i; + size_t p = 0; + size_t size; + + if (!tgt || !buffer) { + return -1; + } + + for (i = 0; i < tgt->count; ++i) { + if (!check_lseek(fd, (off64_t) tgt->pos[i * 2] * BLOCKSIZE, SEEK_SET)) { + return -1; + } + + size = (tgt->pos[i * 2 + 1] - tgt->pos[i * 2]) * BLOCKSIZE; + + if (write_all(fd, buffer + p, size) == -1) { + return -1; + } + + p += size; + } + + return 0; +} + +// Do a source/target load for move/bsdiff/imgdiff in version 1. +// 'wordsave' is the save_ptr of a strtok_r()-in-progress. We expect +// to parse the remainder of the string as: +// +// +// +// The source range is loaded into the provided buffer, reallocating +// it to make it larger if necessary. The target ranges are returned +// in *tgt, if tgt is non-NULL. + +static int LoadSrcTgtVersion1(char** wordsave, RangeSet** tgt, int* src_blocks, + uint8_t** buffer, size_t* buffer_alloc, int fd) { + char* word; + int rc; + + word = strtok_r(NULL, " ", wordsave); + RangeSet* src = parse_range(word); + + if (tgt != NULL) { + word = strtok_r(NULL, " ", wordsave); + *tgt = parse_range(word); + } + + allocate(src->size * BLOCKSIZE, buffer, buffer_alloc); + rc = ReadBlocks(src, *buffer, fd); + *src_blocks = src->size; + + free(src); + return rc; +} + +static int VerifyBlocks(const char *expected, const uint8_t *buffer, + size_t blocks, int printerror) { + char* hexdigest = NULL; + int rc = -1; + uint8_t digest[SHA_DIGEST_SIZE]; + + if (!expected || !buffer) { + return rc; + } + + SHA_hash(buffer, blocks * BLOCKSIZE, digest); + hexdigest = PrintSha1(digest); + + if (hexdigest != NULL) { + rc = strcmp(expected, hexdigest); + + if (rc != 0 && printerror) { + fprintf(stderr, "failed to verify blocks (expected %s, read %s)\n", + expected, hexdigest); + } + + free(hexdigest); + } + + return rc; +} + +static char* GetStashFileName(const char* base, const char* id, const char* postfix) { + char* fn; + int len; + int res; + + if (base == NULL) { + return NULL; + } + + if (id == NULL) { + id = ""; + } + + if (postfix == NULL) { + postfix = ""; + } + + len = strlen(STASH_DIRECTORY_BASE) + 1 + strlen(base) + 1 + strlen(id) + strlen(postfix) + 1; + fn = reinterpret_cast(malloc(len)); + + if (fn == NULL) { + fprintf(stderr, "failed to malloc %d bytes for fn\n", len); + return NULL; + } + + res = snprintf(fn, len, STASH_DIRECTORY_BASE "/%s/%s%s", base, id, postfix); + + if (res < 0 || res >= len) { + fprintf(stderr, "failed to format file name (return value %d)\n", res); + free(fn); + return NULL; + } + + return fn; +} + +typedef void (*StashCallback)(const char*, void*); + +// Does a best effort enumeration of stash files. Ignores possible non-file +// items in the stash directory and continues despite of errors. Calls the +// 'callback' function for each file and passes 'data' to the function as a +// parameter. + +static void EnumerateStash(const char* dirname, StashCallback callback, void* data) { + char* fn; + DIR* directory; + int len; + int res; + struct dirent* item; + + if (dirname == NULL || callback == NULL) { + return; + } + + directory = opendir(dirname); + + if (directory == NULL) { + if (errno != ENOENT) { + fprintf(stderr, "opendir \"%s\" failed: %s\n", dirname, strerror(errno)); + } + return; + } + + while ((item = readdir(directory)) != NULL) { + if (item->d_type != DT_REG) { + continue; + } + + len = strlen(dirname) + 1 + strlen(item->d_name) + 1; + fn = reinterpret_cast(malloc(len)); + + if (fn == NULL) { + fprintf(stderr, "failed to malloc %d bytes for fn\n", len); + continue; + } + + res = snprintf(fn, len, "%s/%s", dirname, item->d_name); + + if (res < 0 || res >= len) { + fprintf(stderr, "failed to format file name (return value %d)\n", res); + free(fn); + continue; + } + + callback(fn, data); + free(fn); + } + + if (closedir(directory) == -1) { + fprintf(stderr, "closedir \"%s\" failed: %s\n", dirname, strerror(errno)); + } +} + +static void UpdateFileSize(const char* fn, void* data) { + int* size = (int*) data; + struct stat st; + + if (!fn || !data) { + return; + } + + if (stat(fn, &st) == -1) { + fprintf(stderr, "stat \"%s\" failed: %s\n", fn, strerror(errno)); + return; + } + + *size += st.st_size; +} + +// Deletes the stash directory and all files in it. Assumes that it only +// contains files. There is nothing we can do about unlikely, but possible +// errors, so they are merely logged. + +static void DeleteFile(const char* fn, void* data) { + if (fn) { + fprintf(stderr, "deleting %s\n", fn); + + if (unlink(fn) == -1 && errno != ENOENT) { + fprintf(stderr, "unlink \"%s\" failed: %s\n", fn, strerror(errno)); + } + } +} + +static void DeletePartial(const char* fn, void* data) { + if (fn && strstr(fn, ".partial") != NULL) { + DeleteFile(fn, data); + } +} + +static void DeleteStash(const char* base) { + char* dirname; + + if (base == NULL) { + return; + } + + dirname = GetStashFileName(base, NULL, NULL); + + if (dirname == NULL) { + return; + } + + fprintf(stderr, "deleting stash %s\n", base); + EnumerateStash(dirname, DeleteFile, NULL); + + if (rmdir(dirname) == -1) { + if (errno != ENOENT && errno != ENOTDIR) { + fprintf(stderr, "rmdir \"%s\" failed: %s\n", dirname, strerror(errno)); + } + } + + free(dirname); +} + +static int LoadStash(const char* base, const char* id, int verify, int* blocks, uint8_t** buffer, + size_t* buffer_alloc, int printnoent) { + char *fn = NULL; + int blockcount = 0; + int fd = -1; + int rc = -1; + int res; + struct stat st; + + if (!base || !id || !buffer || !buffer_alloc) { + goto lsout; + } + + if (!blocks) { + blocks = &blockcount; + } + + fn = GetStashFileName(base, id, NULL); + + if (fn == NULL) { + goto lsout; + } + + res = stat(fn, &st); + + if (res == -1) { + if (errno != ENOENT || printnoent) { + fprintf(stderr, "stat \"%s\" failed: %s\n", fn, strerror(errno)); + } + goto lsout; + } + + fprintf(stderr, " loading %s\n", fn); + + if ((st.st_size % BLOCKSIZE) != 0) { + fprintf(stderr, "%s size %" PRId64 " not multiple of block size %d", + fn, static_cast(st.st_size), BLOCKSIZE); + goto lsout; + } + + fd = TEMP_FAILURE_RETRY(open(fn, O_RDONLY)); + + if (fd == -1) { + fprintf(stderr, "open \"%s\" failed: %s\n", fn, strerror(errno)); + goto lsout; + } + + allocate(st.st_size, buffer, buffer_alloc); + + if (read_all(fd, *buffer, st.st_size) == -1) { + goto lsout; + } + + *blocks = st.st_size / BLOCKSIZE; + + if (verify && VerifyBlocks(id, *buffer, *blocks, 1) != 0) { + fprintf(stderr, "unexpected contents in %s\n", fn); + DeleteFile(fn, NULL); + goto lsout; + } + + rc = 0; + +lsout: + if (fd != -1) { + close(fd); + } + + if (fn) { + free(fn); + } + + return rc; +} + +static int WriteStash(const char* base, const char* id, int blocks, uint8_t* buffer, + int checkspace, int *exists) { + char *fn = NULL; + char *cn = NULL; + int fd = -1; + int rc = -1; + int res; + struct stat st; + + if (base == NULL || buffer == NULL) { + goto wsout; + } + + if (checkspace && CacheSizeCheck(blocks * BLOCKSIZE) != 0) { + fprintf(stderr, "not enough space to write stash\n"); + goto wsout; + } + + fn = GetStashFileName(base, id, ".partial"); + cn = GetStashFileName(base, id, NULL); + + if (fn == NULL || cn == NULL) { + goto wsout; + } + + if (exists) { + res = stat(cn, &st); + + if (res == 0) { + // The file already exists and since the name is the hash of the contents, + // it's safe to assume the contents are identical (accidental hash collisions + // are unlikely) + fprintf(stderr, " skipping %d existing blocks in %s\n", blocks, cn); + *exists = 1; + rc = 0; + goto wsout; + } + + *exists = 0; + } + + fprintf(stderr, " writing %d blocks to %s\n", blocks, cn); + + fd = TEMP_FAILURE_RETRY(open(fn, O_WRONLY | O_CREAT | O_TRUNC | O_SYNC, STASH_FILE_MODE)); + + if (fd == -1) { + fprintf(stderr, "failed to create \"%s\": %s\n", fn, strerror(errno)); + goto wsout; + } + + if (write_all(fd, buffer, blocks * BLOCKSIZE) == -1) { + goto wsout; + } + + if (fsync(fd) == -1) { + fprintf(stderr, "fsync \"%s\" failed: %s\n", fn, strerror(errno)); + goto wsout; + } + + if (rename(fn, cn) == -1) { + fprintf(stderr, "rename(\"%s\", \"%s\") failed: %s\n", fn, cn, strerror(errno)); + goto wsout; + } + + rc = 0; + +wsout: + if (fd != -1) { + close(fd); + } + + if (fn) { + free(fn); + } + + if (cn) { + free(cn); + } + + return rc; +} + +// Creates a directory for storing stash files and checks if the /cache partition +// hash enough space for the expected amount of blocks we need to store. Returns +// >0 if we created the directory, zero if it existed already, and <0 of failure. + +static int CreateStash(State* state, int maxblocks, const char* blockdev, char** base) { + char* dirname = NULL; + const uint8_t* digest; + int rc = -1; + int res; + int size = 0; + SHA_CTX ctx; + struct stat st; + + if (blockdev == NULL || base == NULL) { + goto csout; + } + + // Stash directory should be different for each partition to avoid conflicts + // when updating multiple partitions at the same time, so we use the hash of + // the block device name as the base directory + SHA_init(&ctx); + SHA_update(&ctx, blockdev, strlen(blockdev)); + digest = SHA_final(&ctx); + *base = PrintSha1(digest); + + if (*base == NULL) { + goto csout; + } + + dirname = GetStashFileName(*base, NULL, NULL); + + if (dirname == NULL) { + goto csout; + } + + res = stat(dirname, &st); + + if (res == -1 && errno != ENOENT) { + ErrorAbort(state, "stat \"%s\" failed: %s\n", dirname, strerror(errno)); + goto csout; + } else if (res != 0) { + fprintf(stderr, "creating stash %s\n", dirname); + res = mkdir(dirname, STASH_DIRECTORY_MODE); + + if (res != 0) { + ErrorAbort(state, "mkdir \"%s\" failed: %s\n", dirname, strerror(errno)); + goto csout; + } + + if (CacheSizeCheck(maxblocks * BLOCKSIZE) != 0) { + ErrorAbort(state, "not enough space for stash\n"); + goto csout; + } + + rc = 1; // Created directory + goto csout; + } + + fprintf(stderr, "using existing stash %s\n", dirname); + + // If the directory already exists, calculate the space already allocated to + // stash files and check if there's enough for all required blocks. Delete any + // partially completed stash files first. + + EnumerateStash(dirname, DeletePartial, NULL); + EnumerateStash(dirname, UpdateFileSize, &size); + + size = (maxblocks * BLOCKSIZE) - size; + + if (size > 0 && CacheSizeCheck(size) != 0) { + ErrorAbort(state, "not enough space for stash (%d more needed)\n", size); + goto csout; + } + + rc = 0; // Using existing directory + +csout: + if (dirname) { + free(dirname); + } + + return rc; +} + +static int SaveStash(const char* base, char** wordsave, uint8_t** buffer, size_t* buffer_alloc, + int fd, int usehash, int* isunresumable) { + char *id = NULL; + int blocks = 0; + + if (!wordsave || !buffer || !buffer_alloc || !isunresumable) { + return -1; + } + + id = strtok_r(NULL, " ", wordsave); + + if (id == NULL) { + fprintf(stderr, "missing id field in stash command\n"); + return -1; + } + + if (usehash && LoadStash(base, id, 1, &blocks, buffer, buffer_alloc, 0) == 0) { + // Stash file already exists and has expected contents. Do not + // read from source again, as the source may have been already + // overwritten during a previous attempt. + return 0; + } + + if (LoadSrcTgtVersion1(wordsave, NULL, &blocks, buffer, buffer_alloc, fd) == -1) { + return -1; + } + + if (usehash && VerifyBlocks(id, *buffer, blocks, 1) != 0) { + // Source blocks have unexpected contents. If we actually need this + // data later, this is an unrecoverable error. However, the command + // that uses the data may have already completed previously, so the + // possible failure will occur during source block verification. + fprintf(stderr, "failed to load source blocks for stash %s\n", id); + return 0; + } + + fprintf(stderr, "stashing %d blocks to %s\n", blocks, id); + return WriteStash(base, id, blocks, *buffer, 0, NULL); +} + +static int FreeStash(const char* base, const char* id) { + char *fn = NULL; + + if (base == NULL || id == NULL) { + return -1; + } + + fn = GetStashFileName(base, id, NULL); + + if (fn == NULL) { + return -1; + } + + DeleteFile(fn, NULL); + free(fn); + + return 0; +} + +static void MoveRange(uint8_t* dest, RangeSet* locs, const uint8_t* source) { + // source contains packed data, which we want to move to the + // locations given in *locs in the dest buffer. source and dest + // may be the same buffer. + + int start = locs->size; + int i; + for (i = locs->count-1; i >= 0; --i) { + int blocks = locs->pos[i*2+1] - locs->pos[i*2]; + start -= blocks; + memmove(dest + (locs->pos[i*2] * BLOCKSIZE), source + (start * BLOCKSIZE), + blocks * BLOCKSIZE); + } +} + +// Do a source/target load for move/bsdiff/imgdiff in version 2. +// 'wordsave' is the save_ptr of a strtok_r()-in-progress. We expect +// to parse the remainder of the string as one of: +// +// +// (loads data from source image only) +// +// - <[stash_id:stash_range] ...> +// (loads data from stashes only) +// +// <[stash_id:stash_range] ...> +// (loads data from both source image and stashes) +// +// On return, buffer is filled with the loaded source data (rearranged +// and combined with stashed data as necessary). buffer may be +// reallocated if needed to accommodate the source data. *tgt is the +// target RangeSet. Any stashes required are loaded using LoadStash. + +static int LoadSrcTgtVersion2(char** wordsave, RangeSet** tgt, int* src_blocks, + uint8_t** buffer, size_t* buffer_alloc, int fd, + const char* stashbase, int* overlap) { + char* word; + char* colonsave; + char* colon; + int res; + RangeSet* locs; + size_t stashalloc = 0; + uint8_t* stash = NULL; + + if (tgt != NULL) { + word = strtok_r(NULL, " ", wordsave); + *tgt = parse_range(word); + } + + word = strtok_r(NULL, " ", wordsave); + *src_blocks = strtol(word, NULL, 0); + + allocate(*src_blocks * BLOCKSIZE, buffer, buffer_alloc); + + word = strtok_r(NULL, " ", wordsave); + if (word[0] == '-' && word[1] == '\0') { + // no source ranges, only stashes + } else { + RangeSet* src = parse_range(word); + res = ReadBlocks(src, *buffer, fd); + + if (overlap && tgt) { + *overlap = range_overlaps(src, *tgt); + } + + free(src); + + if (res == -1) { + return -1; + } + + word = strtok_r(NULL, " ", wordsave); + if (word == NULL) { + // no stashes, only source range + return 0; + } + + locs = parse_range(word); + MoveRange(*buffer, locs, *buffer); + free(locs); + } + + while ((word = strtok_r(NULL, " ", wordsave)) != NULL) { + // Each word is a an index into the stash table, a colon, and + // then a rangeset describing where in the source block that + // stashed data should go. + colonsave = NULL; + colon = strtok_r(word, ":", &colonsave); + + res = LoadStash(stashbase, colon, 0, NULL, &stash, &stashalloc, 1); + + if (res == -1) { + // These source blocks will fail verification if used later, but we + // will let the caller decide if this is a fatal failure + fprintf(stderr, "failed to load stash %s\n", colon); + continue; + } + + colon = strtok_r(NULL, ":", &colonsave); + locs = parse_range(colon); + + MoveRange(*buffer, locs, stash); + free(locs); + } + + if (stash) { + free(stash); + } + + return 0; +} + +// Parameters for transfer list command functions +typedef struct { + char* cmdname; + char* cpos; + char* freestash; + char* stashbase; + int canwrite; + int createdstash; + int fd; + int foundwrites; + int isunresumable; + int version; + int written; + NewThreadInfo nti; + pthread_t thread; + size_t bufsize; + uint8_t* buffer; + uint8_t* patch_start; +} CommandParameters; + +// Do a source/target load for move/bsdiff/imgdiff in version 3. +// +// Parameters are the same as for LoadSrcTgtVersion2, except for 'onehash', which +// tells the function whether to expect separate source and targe block hashes, or +// if they are both the same and only one hash should be expected, and +// 'isunresumable', which receives a non-zero value if block verification fails in +// a way that the update cannot be resumed anymore. +// +// If the function is unable to load the necessary blocks or their contents don't +// match the hashes, the return value is -1 and the command should be aborted. +// +// If the return value is 1, the command has already been completed according to +// the contents of the target blocks, and should not be performed again. +// +// If the return value is 0, source blocks have expected content and the command +// can be performed. + +static int LoadSrcTgtVersion3(CommandParameters* params, RangeSet** tgt, int* src_blocks, + int onehash, int* overlap) { + char* srchash = NULL; + char* tgthash = NULL; + int stash_exists = 0; + int rc = -1; + uint8_t* tgtbuffer = NULL; + + if (!params|| !tgt || !src_blocks || !overlap) { + goto v3out; + } + + srchash = strtok_r(NULL, " ", ¶ms->cpos); + + if (srchash == NULL) { + fprintf(stderr, "missing source hash\n"); + goto v3out; + } + + if (onehash) { + tgthash = srchash; + } else { + tgthash = strtok_r(NULL, " ", ¶ms->cpos); + + if (tgthash == NULL) { + fprintf(stderr, "missing target hash\n"); + goto v3out; + } + } + + if (LoadSrcTgtVersion2(¶ms->cpos, tgt, src_blocks, ¶ms->buffer, ¶ms->bufsize, + params->fd, params->stashbase, overlap) == -1) { + goto v3out; + } + + tgtbuffer = (uint8_t*) malloc((*tgt)->size * BLOCKSIZE); + + if (tgtbuffer == NULL) { + fprintf(stderr, "failed to allocate %d bytes\n", (*tgt)->size * BLOCKSIZE); + goto v3out; + } + + if (ReadBlocks(*tgt, tgtbuffer, params->fd) == -1) { + goto v3out; + } + + if (VerifyBlocks(tgthash, tgtbuffer, (*tgt)->size, 0) == 0) { + // Target blocks already have expected content, command should be skipped + rc = 1; + goto v3out; + } + + if (VerifyBlocks(srchash, params->buffer, *src_blocks, 1) == 0) { + // If source and target blocks overlap, stash the source blocks so we can + // resume from possible write errors + if (*overlap) { + fprintf(stderr, "stashing %d overlapping blocks to %s\n", *src_blocks, + srchash); + + if (WriteStash(params->stashbase, srchash, *src_blocks, params->buffer, 1, + &stash_exists) != 0) { + fprintf(stderr, "failed to stash overlapping source blocks\n"); + goto v3out; + } + + // Can be deleted when the write has completed + if (!stash_exists) { + params->freestash = srchash; + } + } + + // Source blocks have expected content, command can proceed + rc = 0; + goto v3out; + } + + if (*overlap && LoadStash(params->stashbase, srchash, 1, NULL, ¶ms->buffer, + ¶ms->bufsize, 1) == 0) { + // Overlapping source blocks were previously stashed, command can proceed. + // We are recovering from an interrupted command, so we don't know if the + // stash can safely be deleted after this command. + rc = 0; + goto v3out; + } + + // Valid source data not available, update cannot be resumed + fprintf(stderr, "partition has unexpected contents\n"); + params->isunresumable = 1; + +v3out: + if (tgtbuffer) { + free(tgtbuffer); + } + + return rc; +} + +static int PerformCommandMove(CommandParameters* params) { + int blocks = 0; + int overlap = 0; + int rc = -1; + int status = 0; + RangeSet* tgt = NULL; + + if (!params) { + goto pcmout; + } + + if (params->version == 1) { + status = LoadSrcTgtVersion1(¶ms->cpos, &tgt, &blocks, ¶ms->buffer, + ¶ms->bufsize, params->fd); + } else if (params->version == 2) { + status = LoadSrcTgtVersion2(¶ms->cpos, &tgt, &blocks, ¶ms->buffer, + ¶ms->bufsize, params->fd, params->stashbase, NULL); + } else if (params->version >= 3) { + status = LoadSrcTgtVersion3(params, &tgt, &blocks, 1, &overlap); + } + + if (status == -1) { + fprintf(stderr, "failed to read blocks for move\n"); + goto pcmout; + } + + if (status == 0) { + params->foundwrites = 1; + } else if (params->foundwrites) { + fprintf(stderr, "warning: commands executed out of order [%s]\n", params->cmdname); + } + + if (params->canwrite) { + if (status == 0) { + fprintf(stderr, " moving %d blocks\n", blocks); + + if (WriteBlocks(tgt, params->buffer, params->fd) == -1) { + goto pcmout; + } + } else { + fprintf(stderr, "skipping %d already moved blocks\n", blocks); + } + + } + + if (params->freestash) { + FreeStash(params->stashbase, params->freestash); + params->freestash = NULL; + } + + params->written += tgt->size; + rc = 0; + +pcmout: + if (tgt) { + free(tgt); + } + + return rc; +} + +static int PerformCommandStash(CommandParameters* params) { + if (!params) { + return -1; + } + + return SaveStash(params->stashbase, ¶ms->cpos, ¶ms->buffer, ¶ms->bufsize, + params->fd, (params->version >= 3), ¶ms->isunresumable); +} + +static int PerformCommandFree(CommandParameters* params) { + if (!params) { + return -1; + } + + if (params->createdstash || params->canwrite) { + return FreeStash(params->stashbase, params->cpos); + } + + return 0; +} + +static int PerformCommandZero(CommandParameters* params) { + char* range = NULL; + int i; + int j; + int rc = -1; + RangeSet* tgt = NULL; + + if (!params) { + goto pczout; + } + + range = strtok_r(NULL, " ", ¶ms->cpos); + + if (range == NULL) { + fprintf(stderr, "missing target blocks for zero\n"); + goto pczout; + } + + tgt = parse_range(range); + + fprintf(stderr, " zeroing %d blocks\n", tgt->size); + + allocate(BLOCKSIZE, ¶ms->buffer, ¶ms->bufsize); + memset(params->buffer, 0, BLOCKSIZE); + + if (params->canwrite) { + for (i = 0; i < tgt->count; ++i) { + if (!check_lseek(params->fd, (off64_t) tgt->pos[i * 2] * BLOCKSIZE, SEEK_SET)) { + goto pczout; + } + + for (j = tgt->pos[i * 2]; j < tgt->pos[i * 2 + 1]; ++j) { + if (write_all(params->fd, params->buffer, BLOCKSIZE) == -1) { + goto pczout; + } + } + } + } + + if (params->cmdname[0] == 'z') { + // Update only for the zero command, as the erase command will call + // this if DEBUG_ERASE is defined. + params->written += tgt->size; + } + + rc = 0; + +pczout: + if (tgt) { + free(tgt); + } + + return rc; +} + +static int PerformCommandNew(CommandParameters* params) { + char* range = NULL; + int rc = -1; + RangeSet* tgt = NULL; + RangeSinkState rss; + + if (!params) { + goto pcnout; + } + + range = strtok_r(NULL, " ", ¶ms->cpos); + + if (range == NULL) { + goto pcnout; + } + + tgt = parse_range(range); + + if (params->canwrite) { + fprintf(stderr, " writing %d blocks of new data\n", tgt->size); + + rss.fd = params->fd; + rss.tgt = tgt; + rss.p_block = 0; + rss.p_remain = (tgt->pos[1] - tgt->pos[0]) * BLOCKSIZE; + + if (!check_lseek(params->fd, (off64_t) tgt->pos[0] * BLOCKSIZE, SEEK_SET)) { + goto pcnout; + } + + pthread_mutex_lock(¶ms->nti.mu); + params->nti.rss = &rss; + pthread_cond_broadcast(¶ms->nti.cv); + + while (params->nti.rss) { + pthread_cond_wait(¶ms->nti.cv, ¶ms->nti.mu); + } + + pthread_mutex_unlock(¶ms->nti.mu); + } + + params->written += tgt->size; + rc = 0; + +pcnout: + if (tgt) { + free(tgt); + } + + return rc; +} + +static int PerformCommandDiff(CommandParameters* params) { + char* logparams = NULL; + char* value = NULL; + int blocks = 0; + int overlap = 0; + int rc = -1; + int status = 0; + RangeSet* tgt = NULL; + RangeSinkState rss; + size_t len = 0; + size_t offset = 0; + Value patch_value; + + if (!params) { + goto pcdout; + } + + logparams = strdup(params->cpos); + value = strtok_r(NULL, " ", ¶ms->cpos); + + if (value == NULL) { + fprintf(stderr, "missing patch offset for %s\n", params->cmdname); + goto pcdout; + } + + offset = strtoul(value, NULL, 0); + + value = strtok_r(NULL, " ", ¶ms->cpos); + + if (value == NULL) { + fprintf(stderr, "missing patch length for %s\n", params->cmdname); + goto pcdout; + } + + len = strtoul(value, NULL, 0); + + if (params->version == 1) { + status = LoadSrcTgtVersion1(¶ms->cpos, &tgt, &blocks, ¶ms->buffer, + ¶ms->bufsize, params->fd); + } else if (params->version == 2) { + status = LoadSrcTgtVersion2(¶ms->cpos, &tgt, &blocks, ¶ms->buffer, + ¶ms->bufsize, params->fd, params->stashbase, NULL); + } else if (params->version >= 3) { + status = LoadSrcTgtVersion3(params, &tgt, &blocks, 0, &overlap); + } + + if (status == -1) { + fprintf(stderr, "failed to read blocks for diff\n"); + goto pcdout; + } + + if (status == 0) { + params->foundwrites = 1; + } else if (params->foundwrites) { + fprintf(stderr, "warning: commands executed out of order [%s]\n", params->cmdname); + } + + if (params->canwrite) { + if (status == 0) { + fprintf(stderr, "patching %d blocks to %d\n", blocks, tgt->size); + + patch_value.type = VAL_BLOB; + patch_value.size = len; + patch_value.data = (char*) (params->patch_start + offset); + + rss.fd = params->fd; + rss.tgt = tgt; + rss.p_block = 0; + rss.p_remain = (tgt->pos[1] - tgt->pos[0]) * BLOCKSIZE; + + if (!check_lseek(params->fd, (off64_t) tgt->pos[0] * BLOCKSIZE, SEEK_SET)) { + goto pcdout; + } + + if (params->cmdname[0] == 'i') { // imgdiff + ApplyImagePatch(params->buffer, blocks * BLOCKSIZE, &patch_value, + &RangeSinkWrite, &rss, NULL, NULL); + } else { + ApplyBSDiffPatch(params->buffer, blocks * BLOCKSIZE, &patch_value, + 0, &RangeSinkWrite, &rss, NULL); + } + + // We expect the output of the patcher to fill the tgt ranges exactly. + if (rss.p_block != tgt->count || rss.p_remain != 0) { + fprintf(stderr, "range sink underrun?\n"); + } + } else { + fprintf(stderr, "skipping %d blocks already patched to %d [%s]\n", + blocks, tgt->size, logparams); + } + } + + if (params->freestash) { + FreeStash(params->stashbase, params->freestash); + params->freestash = NULL; + } + + params->written += tgt->size; + rc = 0; + +pcdout: + if (logparams) { + free(logparams); + } + + if (tgt) { + free(tgt); + } + + return rc; +} + +static int PerformCommandErase(CommandParameters* params) { + char* range = NULL; + int i; + int rc = -1; + RangeSet* tgt = NULL; + struct stat st; + uint64_t blocks[2]; + + if (DEBUG_ERASE) { + return PerformCommandZero(params); + } + + if (!params) { + goto pceout; + } + + if (fstat(params->fd, &st) == -1) { + fprintf(stderr, "failed to fstat device to erase: %s\n", strerror(errno)); + goto pceout; + } + + if (!S_ISBLK(st.st_mode)) { + fprintf(stderr, "not a block device; skipping erase\n"); + goto pceout; + } + + range = strtok_r(NULL, " ", ¶ms->cpos); + + if (range == NULL) { + fprintf(stderr, "missing target blocks for erase\n"); + goto pceout; + } + + tgt = parse_range(range); + + if (params->canwrite) { + fprintf(stderr, " erasing %d blocks\n", tgt->size); + + for (i = 0; i < tgt->count; ++i) { + // offset in bytes + blocks[0] = tgt->pos[i * 2] * (uint64_t) BLOCKSIZE; + // length in bytes + blocks[1] = (tgt->pos[i * 2 + 1] - tgt->pos[i * 2]) * (uint64_t) BLOCKSIZE; + + if (ioctl(params->fd, BLKDISCARD, &blocks) == -1) { + fprintf(stderr, "BLKDISCARD ioctl failed: %s\n", strerror(errno)); + goto pceout; + } + } + } + + rc = 0; + +pceout: + if (tgt) { + free(tgt); + } + + return rc; +} + +// Definitions for transfer list command functions +typedef int (*CommandFunction)(CommandParameters*); + +typedef struct { + const char* name; + CommandFunction f; +} Command; + +// CompareCommands and CompareCommandNames are for the hash table + +static int CompareCommands(const void* c1, const void* c2) { + return strcmp(((const Command*) c1)->name, ((const Command*) c2)->name); +} + +static int CompareCommandNames(const void* c1, const void* c2) { + return strcmp(((const Command*) c1)->name, (const char*) c2); +} + +// HashString is used to hash command names for the hash table + +static unsigned int HashString(const char *s) { + unsigned int hash = 0; + if (s) { + while (*s) { + hash = hash * 33 + *s++; + } + } + return hash; +} + +// args: +// - block device (or file) to modify in-place +// - transfer list (blob) +// - new data stream (filename within package.zip) +// - patch stream (filename within package.zip, must be uncompressed) + +static Value* PerformBlockImageUpdate(const char* name, State* state, int argc, Expr* argv[], + const Command* commands, int cmdcount, int dryrun) { + + char* line = NULL; + char* linesave = NULL; + char* logcmd = NULL; + char* transfer_list = NULL; + CommandParameters params; + const Command* cmd = NULL; + const ZipEntry* new_entry = NULL; + const ZipEntry* patch_entry = NULL; + FILE* cmd_pipe = NULL; + HashTable* cmdht = NULL; + int i; + int res; + int rc = -1; + int stash_max_blocks = 0; + int total_blocks = 0; + pthread_attr_t attr; + unsigned int cmdhash; + UpdaterInfo* ui = NULL; + Value* blockdev_filename = NULL; + Value* new_data_fn = NULL; + Value* patch_data_fn = NULL; + Value* transfer_list_value = NULL; + ZipArchive* za = NULL; + + memset(¶ms, 0, sizeof(params)); + params.canwrite = !dryrun; + + fprintf(stderr, "performing %s\n", dryrun ? "verification" : "update"); + + if (ReadValueArgs(state, argv, 4, &blockdev_filename, &transfer_list_value, + &new_data_fn, &patch_data_fn) < 0) { + goto pbiudone; + } + + if (blockdev_filename->type != VAL_STRING) { + ErrorAbort(state, "blockdev_filename argument to %s must be string", name); + goto pbiudone; + } + if (transfer_list_value->type != VAL_BLOB) { + ErrorAbort(state, "transfer_list argument to %s must be blob", name); + goto pbiudone; + } + if (new_data_fn->type != VAL_STRING) { + ErrorAbort(state, "new_data_fn argument to %s must be string", name); + goto pbiudone; + } + if (patch_data_fn->type != VAL_STRING) { + ErrorAbort(state, "patch_data_fn argument to %s must be string", name); + goto pbiudone; + } + + ui = (UpdaterInfo*) state->cookie; + + if (ui == NULL) { + goto pbiudone; + } + + cmd_pipe = ui->cmd_pipe; + za = ui->package_zip; + + if (cmd_pipe == NULL || za == NULL) { + goto pbiudone; + } + + patch_entry = mzFindZipEntry(za, patch_data_fn->data); + + if (patch_entry == NULL) { + fprintf(stderr, "%s(): no file \"%s\" in package", name, patch_data_fn->data); + goto pbiudone; + } + + params.patch_start = ui->package_zip_addr + mzGetZipEntryOffset(patch_entry); + new_entry = mzFindZipEntry(za, new_data_fn->data); + + if (new_entry == NULL) { + fprintf(stderr, "%s(): no file \"%s\" in package", name, new_data_fn->data); + goto pbiudone; + } + + params.fd = TEMP_FAILURE_RETRY(open(blockdev_filename->data, O_RDWR)); + + if (params.fd == -1) { + fprintf(stderr, "open \"%s\" failed: %s\n", blockdev_filename->data, strerror(errno)); + goto pbiudone; + } + + if (params.canwrite) { + params.nti.za = za; + params.nti.entry = new_entry; + + pthread_mutex_init(¶ms.nti.mu, NULL); + pthread_cond_init(¶ms.nti.cv, NULL); + pthread_attr_init(&attr); + pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_JOINABLE); + + int error = pthread_create(¶ms.thread, &attr, unzip_new_data, ¶ms.nti); + if (error != 0) { + fprintf(stderr, "pthread_create failed: %s\n", strerror(error)); + goto pbiudone; + } + } + + // The data in transfer_list_value is not necessarily null-terminated, so we need + // to copy it to a new buffer and add the null that strtok_r will need. + transfer_list = reinterpret_cast(malloc(transfer_list_value->size + 1)); + + if (transfer_list == NULL) { + fprintf(stderr, "failed to allocate %zd bytes for transfer list\n", + transfer_list_value->size + 1); + goto pbiudone; + } + + memcpy(transfer_list, transfer_list_value->data, transfer_list_value->size); + transfer_list[transfer_list_value->size] = '\0'; + + // First line in transfer list is the version number + line = strtok_r(transfer_list, "\n", &linesave); + params.version = strtol(line, NULL, 0); + + if (params.version < 1 || params.version > 3) { + fprintf(stderr, "unexpected transfer list version [%s]\n", line); + goto pbiudone; + } + + fprintf(stderr, "blockimg version is %d\n", params.version); + + // Second line in transfer list is the total number of blocks we expect to write + line = strtok_r(NULL, "\n", &linesave); + total_blocks = strtol(line, NULL, 0); + + if (total_blocks < 0) { + ErrorAbort(state, "unexpected block count [%s]\n", line); + goto pbiudone; + } else if (total_blocks == 0) { + rc = 0; + goto pbiudone; + } + + if (params.version >= 2) { + // Third line is how many stash entries are needed simultaneously + line = strtok_r(NULL, "\n", &linesave); + fprintf(stderr, "maximum stash entries %s\n", line); + + // Fourth line is the maximum number of blocks that will be stashed simultaneously + line = strtok_r(NULL, "\n", &linesave); + stash_max_blocks = strtol(line, NULL, 0); + + if (stash_max_blocks < 0) { + ErrorAbort(state, "unexpected maximum stash blocks [%s]\n", line); + goto pbiudone; + } + + if (stash_max_blocks >= 0) { + res = CreateStash(state, stash_max_blocks, blockdev_filename->data, + ¶ms.stashbase); + + if (res == -1) { + goto pbiudone; + } + + params.createdstash = res; + } + } + + // Build a hash table of the available commands + cmdht = mzHashTableCreate(cmdcount, NULL); + + for (i = 0; i < cmdcount; ++i) { + cmdhash = HashString(commands[i].name); + mzHashTableLookup(cmdht, cmdhash, (void*) &commands[i], CompareCommands, true); + } + + // Subsequent lines are all individual transfer commands + for (line = strtok_r(NULL, "\n", &linesave); line; + line = strtok_r(NULL, "\n", &linesave)) { + + logcmd = strdup(line); + params.cmdname = strtok_r(line, " ", ¶ms.cpos); + + if (params.cmdname == NULL) { + fprintf(stderr, "missing command [%s]\n", line); + goto pbiudone; + } + + cmdhash = HashString(params.cmdname); + cmd = (const Command*) mzHashTableLookup(cmdht, cmdhash, params.cmdname, + CompareCommandNames, false); + + if (cmd == NULL) { + fprintf(stderr, "unexpected command [%s]\n", params.cmdname); + goto pbiudone; + } + + if (cmd->f != NULL && cmd->f(¶ms) == -1) { + fprintf(stderr, "failed to execute command [%s]\n", + logcmd ? logcmd : params.cmdname); + goto pbiudone; + } + + if (logcmd) { + free(logcmd); + logcmd = NULL; + } + + if (params.canwrite) { + fprintf(cmd_pipe, "set_progress %.4f\n", (double) params.written / total_blocks); + fflush(cmd_pipe); + } + } + + if (params.canwrite) { + pthread_join(params.thread, NULL); + + fprintf(stderr, "wrote %d blocks; expected %d\n", params.written, total_blocks); + fprintf(stderr, "max alloc needed was %zu\n", params.bufsize); + + // Delete stash only after successfully completing the update, as it + // may contain blocks needed to complete the update later. + DeleteStash(params.stashbase); + } else { + fprintf(stderr, "verified partition contents; update may be resumed\n"); + } + + rc = 0; + +pbiudone: + if (params.fd != -1) { + if (fsync(params.fd) == -1) { + fprintf(stderr, "fsync failed: %s\n", strerror(errno)); + } + close(params.fd); + } + + if (logcmd) { + free(logcmd); + } + + if (cmdht) { + mzHashTableFree(cmdht); + } + + if (params.buffer) { + free(params.buffer); + } + + if (transfer_list) { + free(transfer_list); + } + + if (blockdev_filename) { + FreeValue(blockdev_filename); + } + + if (transfer_list_value) { + FreeValue(transfer_list_value); + } + + if (new_data_fn) { + FreeValue(new_data_fn); + } + + if (patch_data_fn) { + FreeValue(patch_data_fn); + } + + // Only delete the stash if the update cannot be resumed, or it's + // a verification run and we created the stash. + if (params.isunresumable || (!params.canwrite && params.createdstash)) { + DeleteStash(params.stashbase); + } + + if (params.stashbase) { + free(params.stashbase); + } + + return StringValue(rc == 0 ? strdup("t") : strdup("")); +} + +// The transfer list is a text file containing commands to +// transfer data from one place to another on the target +// partition. We parse it and execute the commands in order: +// +// zero [rangeset] +// - fill the indicated blocks with zeros +// +// new [rangeset] +// - fill the blocks with data read from the new_data file +// +// erase [rangeset] +// - mark the given blocks as empty +// +// move <...> +// bsdiff <...> +// imgdiff <...> +// - read the source blocks, apply a patch (or not in the +// case of move), write result to target blocks. bsdiff or +// imgdiff specifies the type of patch; move means no patch +// at all. +// +// The format of <...> differs between versions 1 and 2; +// see the LoadSrcTgtVersion{1,2}() functions for a +// description of what's expected. +// +// stash +// - (version 2+ only) load the given source range and stash +// the data in the given slot of the stash table. +// +// The creator of the transfer list will guarantee that no block +// is read (ie, used as the source for a patch or move) after it +// has been written. +// +// In version 2, the creator will guarantee that a given stash is +// loaded (with a stash command) before it's used in a +// move/bsdiff/imgdiff command. +// +// Within one command the source and target ranges may overlap so +// in general we need to read the entire source into memory before +// writing anything to the target blocks. +// +// All the patch data is concatenated into one patch_data file in +// the update package. It must be stored uncompressed because we +// memory-map it in directly from the archive. (Since patches are +// already compressed, we lose very little by not compressing +// their concatenation.) +// +// In version 3, commands that read data from the partition (i.e. +// move/bsdiff/imgdiff/stash) have one or more additional hashes +// before the range parameters, which are used to check if the +// command has already been completed and verify the integrity of +// the source data. + +Value* BlockImageVerifyFn(const char* name, State* state, int argc, Expr* argv[]) { + // Commands which are not tested are set to NULL to skip them completely + const Command commands[] = { + { "bsdiff", PerformCommandDiff }, + { "erase", NULL }, + { "free", PerformCommandFree }, + { "imgdiff", PerformCommandDiff }, + { "move", PerformCommandMove }, + { "new", NULL }, + { "stash", PerformCommandStash }, + { "zero", NULL } + }; + + // Perform a dry run without writing to test if an update can proceed + return PerformBlockImageUpdate(name, state, argc, argv, commands, + sizeof(commands) / sizeof(commands[0]), 1); +} + +Value* BlockImageUpdateFn(const char* name, State* state, int argc, Expr* argv[]) { + const Command commands[] = { + { "bsdiff", PerformCommandDiff }, + { "erase", PerformCommandErase }, + { "free", PerformCommandFree }, + { "imgdiff", PerformCommandDiff }, + { "move", PerformCommandMove }, + { "new", PerformCommandNew }, + { "stash", PerformCommandStash }, + { "zero", PerformCommandZero } + }; + + return PerformBlockImageUpdate(name, state, argc, argv, commands, + sizeof(commands) / sizeof(commands[0]), 0); +} + +Value* RangeSha1Fn(const char* name, State* state, int argc, Expr* argv[]) { + Value* blockdev_filename; + Value* ranges; + const uint8_t* digest = NULL; + if (ReadValueArgs(state, argv, 2, &blockdev_filename, &ranges) < 0) { + return NULL; + } + + if (blockdev_filename->type != VAL_STRING) { + ErrorAbort(state, "blockdev_filename argument to %s must be string", name); + goto done; + } + if (ranges->type != VAL_STRING) { + ErrorAbort(state, "ranges argument to %s must be string", name); + goto done; + } + + int fd; + fd = open(blockdev_filename->data, O_RDWR); + if (fd < 0) { + ErrorAbort(state, "open \"%s\" failed: %s", blockdev_filename->data, strerror(errno)); + goto done; + } + + RangeSet* rs; + rs = parse_range(ranges->data); + uint8_t buffer[BLOCKSIZE]; + + SHA_CTX ctx; + SHA_init(&ctx); + + int i, j; + for (i = 0; i < rs->count; ++i) { + if (!check_lseek(fd, (off64_t)rs->pos[i*2] * BLOCKSIZE, SEEK_SET)) { + ErrorAbort(state, "failed to seek %s: %s", blockdev_filename->data, + strerror(errno)); + goto done; + } + + for (j = rs->pos[i*2]; j < rs->pos[i*2+1]; ++j) { + if (read_all(fd, buffer, BLOCKSIZE) == -1) { + ErrorAbort(state, "failed to read %s: %s", blockdev_filename->data, + strerror(errno)); + goto done; + } + + SHA_update(&ctx, buffer, BLOCKSIZE); + } + } + digest = SHA_final(&ctx); + close(fd); + + done: + FreeValue(blockdev_filename); + FreeValue(ranges); + if (digest == NULL) { + return StringValue(strdup("")); + } else { + return StringValue(PrintSha1(digest)); + } +} + +void RegisterBlockImageFunctions() { + RegisterFunction("block_image_verify", BlockImageVerifyFn); + RegisterFunction("block_image_update", BlockImageUpdateFn); + RegisterFunction("range_sha1", RangeSha1Fn); +} diff --git a/updater/install.c b/updater/install.c deleted file mode 100644 index 4a0e064c3..000000000 --- a/updater/install.c +++ /dev/null @@ -1,1630 +0,0 @@ -/* - * Copyright (C) 2009 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "bootloader.h" -#include "applypatch/applypatch.h" -#include "cutils/android_reboot.h" -#include "cutils/misc.h" -#include "cutils/properties.h" -#include "edify/expr.h" -#include "mincrypt/sha.h" -#include "minzip/DirUtil.h" -#include "mtdutils/mounts.h" -#include "mtdutils/mtdutils.h" -#include "updater.h" -#include "install.h" -#include "tune2fs.h" - -#ifdef USE_EXT4 -#include "make_ext4fs.h" -#include "wipe.h" -#endif - -void uiPrint(State* state, char* buffer) { - char* line = strtok(buffer, "\n"); - UpdaterInfo* ui = (UpdaterInfo*)(state->cookie); - while (line) { - fprintf(ui->cmd_pipe, "ui_print %s\n", line); - line = strtok(NULL, "\n"); - } - fprintf(ui->cmd_pipe, "ui_print\n"); - - // The recovery will only print the contents to screen for pipe command - // ui_print. We need to dump the contents to stderr (which has been - // redirected to the log file) directly. - fprintf(stderr, "%s", buffer); -} - -__attribute__((__format__(printf, 2, 3))) __nonnull((2)) -void uiPrintf(State* state, const char* format, ...) { - char error_msg[1024]; - va_list ap; - va_start(ap, format); - vsnprintf(error_msg, sizeof(error_msg), format, ap); - va_end(ap); - uiPrint(state, error_msg); -} - -// Take a sha-1 digest and return it as a newly-allocated hex string. -char* PrintSha1(const uint8_t* digest) { - char* buffer = malloc(SHA_DIGEST_SIZE*2 + 1); - int i; - const char* alphabet = "0123456789abcdef"; - for (i = 0; i < SHA_DIGEST_SIZE; ++i) { - buffer[i*2] = alphabet[(digest[i] >> 4) & 0xf]; - buffer[i*2+1] = alphabet[digest[i] & 0xf]; - } - buffer[i*2] = '\0'; - return buffer; -} - -// mount(fs_type, partition_type, location, mount_point) -// -// fs_type="yaffs2" partition_type="MTD" location=partition -// fs_type="ext4" partition_type="EMMC" location=device -Value* MountFn(const char* name, State* state, int argc, Expr* argv[]) { - char* result = NULL; - if (argc != 4 && argc != 5) { - return ErrorAbort(state, "%s() expects 4-5 args, got %d", name, argc); - } - char* fs_type; - char* partition_type; - char* location; - char* mount_point; - char* mount_options; - bool has_mount_options; - if (argc == 5) { - has_mount_options = true; - if (ReadArgs(state, argv, 5, &fs_type, &partition_type, - &location, &mount_point, &mount_options) < 0) { - return NULL; - } - } else { - has_mount_options = false; - if (ReadArgs(state, argv, 4, &fs_type, &partition_type, - &location, &mount_point) < 0) { - return NULL; - } - } - - if (strlen(fs_type) == 0) { - ErrorAbort(state, "fs_type argument to %s() can't be empty", name); - goto done; - } - if (strlen(partition_type) == 0) { - ErrorAbort(state, "partition_type argument to %s() can't be empty", - name); - goto done; - } - if (strlen(location) == 0) { - ErrorAbort(state, "location argument to %s() can't be empty", name); - goto done; - } - if (strlen(mount_point) == 0) { - ErrorAbort(state, "mount_point argument to %s() can't be empty", name); - goto done; - } - - char *secontext = NULL; - - if (sehandle) { - selabel_lookup(sehandle, &secontext, mount_point, 0755); - setfscreatecon(secontext); - } - - mkdir(mount_point, 0755); - - if (secontext) { - freecon(secontext); - setfscreatecon(NULL); - } - - if (strcmp(partition_type, "MTD") == 0) { - mtd_scan_partitions(); - const MtdPartition* mtd; - mtd = mtd_find_partition_by_name(location); - if (mtd == NULL) { - uiPrintf(state, "%s: no mtd partition named \"%s\"", - name, location); - result = strdup(""); - goto done; - } - if (mtd_mount_partition(mtd, mount_point, fs_type, 0 /* rw */) != 0) { - uiPrintf(state, "mtd mount of %s failed: %s\n", - location, strerror(errno)); - result = strdup(""); - goto done; - } - result = mount_point; - } else { - if (mount(location, mount_point, fs_type, - MS_NOATIME | MS_NODEV | MS_NODIRATIME, - has_mount_options ? mount_options : "") < 0) { - uiPrintf(state, "%s: failed to mount %s at %s: %s\n", - name, location, mount_point, strerror(errno)); - result = strdup(""); - } else { - result = mount_point; - } - } - -done: - free(fs_type); - free(partition_type); - free(location); - if (result != mount_point) free(mount_point); - if (has_mount_options) free(mount_options); - return StringValue(result); -} - - -// is_mounted(mount_point) -Value* IsMountedFn(const char* name, State* state, int argc, Expr* argv[]) { - char* result = NULL; - if (argc != 1) { - return ErrorAbort(state, "%s() expects 1 arg, got %d", name, argc); - } - char* mount_point; - if (ReadArgs(state, argv, 1, &mount_point) < 0) { - return NULL; - } - if (strlen(mount_point) == 0) { - ErrorAbort(state, "mount_point argument to unmount() can't be empty"); - goto done; - } - - scan_mounted_volumes(); - const MountedVolume* vol = find_mounted_volume_by_mount_point(mount_point); - if (vol == NULL) { - result = strdup(""); - } else { - result = mount_point; - } - -done: - if (result != mount_point) free(mount_point); - return StringValue(result); -} - - -Value* UnmountFn(const char* name, State* state, int argc, Expr* argv[]) { - char* result = NULL; - if (argc != 1) { - return ErrorAbort(state, "%s() expects 1 arg, got %d", name, argc); - } - char* mount_point; - if (ReadArgs(state, argv, 1, &mount_point) < 0) { - return NULL; - } - if (strlen(mount_point) == 0) { - ErrorAbort(state, "mount_point argument to unmount() can't be empty"); - goto done; - } - - scan_mounted_volumes(); - const MountedVolume* vol = find_mounted_volume_by_mount_point(mount_point); - if (vol == NULL) { - uiPrintf(state, "unmount of %s failed; no such volume\n", mount_point); - result = strdup(""); - } else { - int ret = unmount_mounted_volume(vol); - if (ret != 0) { - uiPrintf(state, "unmount of %s failed (%d): %s\n", - mount_point, ret, strerror(errno)); - } - result = mount_point; - } - -done: - if (result != mount_point) free(mount_point); - return StringValue(result); -} - -static int exec_cmd(const char* path, char* const argv[]) { - int status; - pid_t child; - if ((child = vfork()) == 0) { - execv(path, argv); - _exit(-1); - } - waitpid(child, &status, 0); - if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) { - printf("%s failed with status %d\n", path, WEXITSTATUS(status)); - } - return WEXITSTATUS(status); -} - - -// format(fs_type, partition_type, location, fs_size, mount_point) -// -// fs_type="yaffs2" partition_type="MTD" location=partition fs_size= mount_point= -// fs_type="ext4" partition_type="EMMC" location=device fs_size= mount_point= -// fs_type="f2fs" partition_type="EMMC" location=device fs_size= mount_point= -// if fs_size == 0, then make fs uses the entire partition. -// if fs_size > 0, that is the size to use -// if fs_size < 0, then reserve that many bytes at the end of the partition (not for "f2fs") -Value* FormatFn(const char* name, State* state, int argc, Expr* argv[]) { - char* result = NULL; - if (argc != 5) { - return ErrorAbort(state, "%s() expects 5 args, got %d", name, argc); - } - char* fs_type; - char* partition_type; - char* location; - char* fs_size; - char* mount_point; - - if (ReadArgs(state, argv, 5, &fs_type, &partition_type, &location, &fs_size, &mount_point) < 0) { - return NULL; - } - - if (strlen(fs_type) == 0) { - ErrorAbort(state, "fs_type argument to %s() can't be empty", name); - goto done; - } - if (strlen(partition_type) == 0) { - ErrorAbort(state, "partition_type argument to %s() can't be empty", - name); - goto done; - } - if (strlen(location) == 0) { - ErrorAbort(state, "location argument to %s() can't be empty", name); - goto done; - } - - if (strlen(mount_point) == 0) { - ErrorAbort(state, "mount_point argument to %s() can't be empty", name); - goto done; - } - - if (strcmp(partition_type, "MTD") == 0) { - mtd_scan_partitions(); - const MtdPartition* mtd = mtd_find_partition_by_name(location); - if (mtd == NULL) { - printf("%s: no mtd partition named \"%s\"", - name, location); - result = strdup(""); - goto done; - } - MtdWriteContext* ctx = mtd_write_partition(mtd); - if (ctx == NULL) { - printf("%s: can't write \"%s\"", name, location); - result = strdup(""); - goto done; - } - if (mtd_erase_blocks(ctx, -1) == -1) { - mtd_write_close(ctx); - printf("%s: failed to erase \"%s\"", name, location); - result = strdup(""); - goto done; - } - if (mtd_write_close(ctx) != 0) { - printf("%s: failed to close \"%s\"", name, location); - result = strdup(""); - goto done; - } - result = location; -#ifdef USE_EXT4 - } else if (strcmp(fs_type, "ext4") == 0) { - int status = make_ext4fs(location, atoll(fs_size), mount_point, sehandle); - if (status != 0) { - printf("%s: make_ext4fs failed (%d) on %s", - name, status, location); - result = strdup(""); - goto done; - } - result = location; - } else if (strcmp(fs_type, "f2fs") == 0) { - char *num_sectors; - if (asprintf(&num_sectors, "%lld", atoll(fs_size) / 512) <= 0) { - printf("format_volume: failed to create %s command for %s\n", fs_type, location); - result = strdup(""); - goto done; - } - const char *f2fs_path = "/sbin/mkfs.f2fs"; - const char* const f2fs_argv[] = {"mkfs.f2fs", "-t", "-d1", location, num_sectors, NULL}; - int status = exec_cmd(f2fs_path, (char* const*)f2fs_argv); - free(num_sectors); - if (status != 0) { - printf("%s: mkfs.f2fs failed (%d) on %s", - name, status, location); - result = strdup(""); - goto done; - } - result = location; -#endif - } else { - printf("%s: unsupported fs_type \"%s\" partition_type \"%s\"", - name, fs_type, partition_type); - } - -done: - free(fs_type); - free(partition_type); - if (result != location) free(location); - return StringValue(result); -} - -Value* RenameFn(const char* name, State* state, int argc, Expr* argv[]) { - char* result = NULL; - if (argc != 2) { - return ErrorAbort(state, "%s() expects 2 args, got %d", name, argc); - } - - char* src_name; - char* dst_name; - - if (ReadArgs(state, argv, 2, &src_name, &dst_name) < 0) { - return NULL; - } - if (strlen(src_name) == 0) { - ErrorAbort(state, "src_name argument to %s() can't be empty", name); - goto done; - } - if (strlen(dst_name) == 0) { - ErrorAbort(state, "dst_name argument to %s() can't be empty", name); - goto done; - } - if (make_parents(dst_name) != 0) { - ErrorAbort(state, "Creating parent of %s failed, error %s", - dst_name, strerror(errno)); - } else if (access(dst_name, F_OK) == 0 && access(src_name, F_OK) != 0) { - // File was already moved - result = dst_name; - } else if (rename(src_name, dst_name) != 0) { - ErrorAbort(state, "Rename of %s to %s failed, error %s", - src_name, dst_name, strerror(errno)); - } else { - result = dst_name; - } - -done: - free(src_name); - if (result != dst_name) free(dst_name); - return StringValue(result); -} - -Value* DeleteFn(const char* name, State* state, int argc, Expr* argv[]) { - char** paths = malloc(argc * sizeof(char*)); - int i; - for (i = 0; i < argc; ++i) { - paths[i] = Evaluate(state, argv[i]); - if (paths[i] == NULL) { - int j; - for (j = 0; j < i; ++i) { - free(paths[j]); - } - free(paths); - return NULL; - } - } - - bool recursive = (strcmp(name, "delete_recursive") == 0); - - int success = 0; - for (i = 0; i < argc; ++i) { - if ((recursive ? dirUnlinkHierarchy(paths[i]) : unlink(paths[i])) == 0) - ++success; - free(paths[i]); - } - free(paths); - - char buffer[10]; - sprintf(buffer, "%d", success); - return StringValue(strdup(buffer)); -} - - -Value* ShowProgressFn(const char* name, State* state, int argc, Expr* argv[]) { - if (argc != 2) { - return ErrorAbort(state, "%s() expects 2 args, got %d", name, argc); - } - char* frac_str; - char* sec_str; - if (ReadArgs(state, argv, 2, &frac_str, &sec_str) < 0) { - return NULL; - } - - double frac = strtod(frac_str, NULL); - int sec = strtol(sec_str, NULL, 10); - - UpdaterInfo* ui = (UpdaterInfo*)(state->cookie); - fprintf(ui->cmd_pipe, "progress %f %d\n", frac, sec); - - free(sec_str); - return StringValue(frac_str); -} - -Value* SetProgressFn(const char* name, State* state, int argc, Expr* argv[]) { - if (argc != 1) { - return ErrorAbort(state, "%s() expects 1 arg, got %d", name, argc); - } - char* frac_str; - if (ReadArgs(state, argv, 1, &frac_str) < 0) { - return NULL; - } - - double frac = strtod(frac_str, NULL); - - UpdaterInfo* ui = (UpdaterInfo*)(state->cookie); - fprintf(ui->cmd_pipe, "set_progress %f\n", frac); - - return StringValue(frac_str); -} - -// package_extract_dir(package_path, destination_path) -Value* PackageExtractDirFn(const char* name, State* state, - int argc, Expr* argv[]) { - if (argc != 2) { - return ErrorAbort(state, "%s() expects 2 args, got %d", name, argc); - } - char* zip_path; - char* dest_path; - if (ReadArgs(state, argv, 2, &zip_path, &dest_path) < 0) return NULL; - - ZipArchive* za = ((UpdaterInfo*)(state->cookie))->package_zip; - - // To create a consistent system image, never use the clock for timestamps. - struct utimbuf timestamp = { 1217592000, 1217592000 }; // 8/1/2008 default - - bool success = mzExtractRecursive(za, zip_path, dest_path, - ×tamp, - NULL, NULL, sehandle); - free(zip_path); - free(dest_path); - return StringValue(strdup(success ? "t" : "")); -} - - -// package_extract_file(package_path, destination_path) -// or -// package_extract_file(package_path) -// to return the entire contents of the file as the result of this -// function (the char* returned is actually a FileContents*). -Value* PackageExtractFileFn(const char* name, State* state, - int argc, Expr* argv[]) { - if (argc < 1 || argc > 2) { - return ErrorAbort(state, "%s() expects 1 or 2 args, got %d", - name, argc); - } - bool success = false; - - UpdaterInfo* ui = (UpdaterInfo*)(state->cookie); - - if (argc == 2) { - // The two-argument version extracts to a file. - - ZipArchive* za = ((UpdaterInfo*)(state->cookie))->package_zip; - - char* zip_path; - char* dest_path; - if (ReadArgs(state, argv, 2, &zip_path, &dest_path) < 0) return NULL; - - const ZipEntry* entry = mzFindZipEntry(za, zip_path); - if (entry == NULL) { - printf("%s: no %s in package\n", name, zip_path); - goto done2; - } - - FILE* f = fopen(dest_path, "wb"); - if (f == NULL) { - printf("%s: can't open %s for write: %s\n", - name, dest_path, strerror(errno)); - goto done2; - } - success = mzExtractZipEntryToFile(za, entry, fileno(f)); - fclose(f); - - done2: - free(zip_path); - free(dest_path); - return StringValue(strdup(success ? "t" : "")); - } else { - // The one-argument version returns the contents of the file - // as the result. - - char* zip_path; - Value* v = malloc(sizeof(Value)); - v->type = VAL_BLOB; - v->size = -1; - v->data = NULL; - - if (ReadArgs(state, argv, 1, &zip_path) < 0) return NULL; - - ZipArchive* za = ((UpdaterInfo*)(state->cookie))->package_zip; - const ZipEntry* entry = mzFindZipEntry(za, zip_path); - if (entry == NULL) { - printf("%s: no %s in package\n", name, zip_path); - goto done1; - } - - v->size = mzGetZipEntryUncompLen(entry); - v->data = malloc(v->size); - if (v->data == NULL) { - printf("%s: failed to allocate %ld bytes for %s\n", - name, (long)v->size, zip_path); - goto done1; - } - - success = mzExtractZipEntryToBuffer(za, entry, - (unsigned char *)v->data); - - done1: - free(zip_path); - if (!success) { - free(v->data); - v->data = NULL; - v->size = -1; - } - return v; - } -} - -// Create all parent directories of name, if necessary. -static int make_parents(char* name) { - char* p; - for (p = name + (strlen(name)-1); p > name; --p) { - if (*p != '/') continue; - *p = '\0'; - if (make_parents(name) < 0) return -1; - int result = mkdir(name, 0700); - if (result == 0) printf("created [%s]\n", name); - *p = '/'; - if (result == 0 || errno == EEXIST) { - // successfully created or already existed; we're done - return 0; - } else { - printf("failed to mkdir %s: %s\n", name, strerror(errno)); - return -1; - } - } - return 0; -} - -// symlink target src1 src2 ... -// unlinks any previously existing src1, src2, etc before creating symlinks. -Value* SymlinkFn(const char* name, State* state, int argc, Expr* argv[]) { - if (argc == 0) { - return ErrorAbort(state, "%s() expects 1+ args, got %d", name, argc); - } - char* target; - target = Evaluate(state, argv[0]); - if (target == NULL) return NULL; - - char** srcs = ReadVarArgs(state, argc-1, argv+1); - if (srcs == NULL) { - free(target); - return NULL; - } - - int bad = 0; - int i; - for (i = 0; i < argc-1; ++i) { - if (unlink(srcs[i]) < 0) { - if (errno != ENOENT) { - printf("%s: failed to remove %s: %s\n", - name, srcs[i], strerror(errno)); - ++bad; - } - } - if (make_parents(srcs[i])) { - printf("%s: failed to symlink %s to %s: making parents failed\n", - name, srcs[i], target); - ++bad; - } - if (symlink(target, srcs[i]) < 0) { - printf("%s: failed to symlink %s to %s: %s\n", - name, srcs[i], target, strerror(errno)); - ++bad; - } - free(srcs[i]); - } - free(srcs); - if (bad) { - return ErrorAbort(state, "%s: some symlinks failed", name); - } - return StringValue(strdup("")); -} - -struct perm_parsed_args { - bool has_uid; - uid_t uid; - bool has_gid; - gid_t gid; - bool has_mode; - mode_t mode; - bool has_fmode; - mode_t fmode; - bool has_dmode; - mode_t dmode; - bool has_selabel; - char* selabel; - bool has_capabilities; - uint64_t capabilities; -}; - -static struct perm_parsed_args ParsePermArgs(State * state, int argc, char** args) { - int i; - struct perm_parsed_args parsed; - int bad = 0; - static int max_warnings = 20; - - memset(&parsed, 0, sizeof(parsed)); - - for (i = 1; i < argc; i += 2) { - if (strcmp("uid", args[i]) == 0) { - int64_t uid; - if (sscanf(args[i+1], "%" SCNd64, &uid) == 1) { - parsed.uid = uid; - parsed.has_uid = true; - } else { - uiPrintf(state, "ParsePermArgs: invalid UID \"%s\"\n", args[i + 1]); - bad++; - } - continue; - } - if (strcmp("gid", args[i]) == 0) { - int64_t gid; - if (sscanf(args[i+1], "%" SCNd64, &gid) == 1) { - parsed.gid = gid; - parsed.has_gid = true; - } else { - uiPrintf(state, "ParsePermArgs: invalid GID \"%s\"\n", args[i + 1]); - bad++; - } - continue; - } - if (strcmp("mode", args[i]) == 0) { - int32_t mode; - if (sscanf(args[i+1], "%" SCNi32, &mode) == 1) { - parsed.mode = mode; - parsed.has_mode = true; - } else { - uiPrintf(state, "ParsePermArgs: invalid mode \"%s\"\n", args[i + 1]); - bad++; - } - continue; - } - if (strcmp("dmode", args[i]) == 0) { - int32_t mode; - if (sscanf(args[i+1], "%" SCNi32, &mode) == 1) { - parsed.dmode = mode; - parsed.has_dmode = true; - } else { - uiPrintf(state, "ParsePermArgs: invalid dmode \"%s\"\n", args[i + 1]); - bad++; - } - continue; - } - if (strcmp("fmode", args[i]) == 0) { - int32_t mode; - if (sscanf(args[i+1], "%" SCNi32, &mode) == 1) { - parsed.fmode = mode; - parsed.has_fmode = true; - } else { - uiPrintf(state, "ParsePermArgs: invalid fmode \"%s\"\n", args[i + 1]); - bad++; - } - continue; - } - if (strcmp("capabilities", args[i]) == 0) { - int64_t capabilities; - if (sscanf(args[i+1], "%" SCNi64, &capabilities) == 1) { - parsed.capabilities = capabilities; - parsed.has_capabilities = true; - } else { - uiPrintf(state, "ParsePermArgs: invalid capabilities \"%s\"\n", args[i + 1]); - bad++; - } - continue; - } - if (strcmp("selabel", args[i]) == 0) { - if (args[i+1][0] != '\0') { - parsed.selabel = args[i+1]; - parsed.has_selabel = true; - } else { - uiPrintf(state, "ParsePermArgs: invalid selabel \"%s\"\n", args[i + 1]); - bad++; - } - continue; - } - if (max_warnings != 0) { - printf("ParsedPermArgs: unknown key \"%s\", ignoring\n", args[i]); - max_warnings--; - if (max_warnings == 0) { - printf("ParsedPermArgs: suppressing further warnings\n"); - } - } - } - return parsed; -} - -static int ApplyParsedPerms( - State * state, - const char* filename, - const struct stat *statptr, - struct perm_parsed_args parsed) -{ - int bad = 0; - - if (parsed.has_selabel) { - if (lsetfilecon(filename, parsed.selabel) != 0) { - uiPrintf(state, "ApplyParsedPerms: lsetfilecon of %s to %s failed: %s\n", - filename, parsed.selabel, strerror(errno)); - bad++; - } - } - - /* ignore symlinks */ - if (S_ISLNK(statptr->st_mode)) { - return bad; - } - - if (parsed.has_uid) { - if (chown(filename, parsed.uid, -1) < 0) { - uiPrintf(state, "ApplyParsedPerms: chown of %s to %d failed: %s\n", - filename, parsed.uid, strerror(errno)); - bad++; - } - } - - if (parsed.has_gid) { - if (chown(filename, -1, parsed.gid) < 0) { - uiPrintf(state, "ApplyParsedPerms: chgrp of %s to %d failed: %s\n", - filename, parsed.gid, strerror(errno)); - bad++; - } - } - - if (parsed.has_mode) { - if (chmod(filename, parsed.mode) < 0) { - uiPrintf(state, "ApplyParsedPerms: chmod of %s to %d failed: %s\n", - filename, parsed.mode, strerror(errno)); - bad++; - } - } - - if (parsed.has_dmode && S_ISDIR(statptr->st_mode)) { - if (chmod(filename, parsed.dmode) < 0) { - uiPrintf(state, "ApplyParsedPerms: chmod of %s to %d failed: %s\n", - filename, parsed.dmode, strerror(errno)); - bad++; - } - } - - if (parsed.has_fmode && S_ISREG(statptr->st_mode)) { - if (chmod(filename, parsed.fmode) < 0) { - uiPrintf(state, "ApplyParsedPerms: chmod of %s to %d failed: %s\n", - filename, parsed.fmode, strerror(errno)); - bad++; - } - } - - if (parsed.has_capabilities && S_ISREG(statptr->st_mode)) { - if (parsed.capabilities == 0) { - if ((removexattr(filename, XATTR_NAME_CAPS) == -1) && (errno != ENODATA)) { - // Report failure unless it's ENODATA (attribute not set) - uiPrintf(state, "ApplyParsedPerms: removexattr of %s to %" PRIx64 " failed: %s\n", - filename, parsed.capabilities, strerror(errno)); - bad++; - } - } else { - struct vfs_cap_data cap_data; - memset(&cap_data, 0, sizeof(cap_data)); - cap_data.magic_etc = VFS_CAP_REVISION | VFS_CAP_FLAGS_EFFECTIVE; - cap_data.data[0].permitted = (uint32_t) (parsed.capabilities & 0xffffffff); - cap_data.data[0].inheritable = 0; - cap_data.data[1].permitted = (uint32_t) (parsed.capabilities >> 32); - cap_data.data[1].inheritable = 0; - if (setxattr(filename, XATTR_NAME_CAPS, &cap_data, sizeof(cap_data), 0) < 0) { - uiPrintf(state, "ApplyParsedPerms: setcap of %s to %" PRIx64 " failed: %s\n", - filename, parsed.capabilities, strerror(errno)); - bad++; - } - } - } - - return bad; -} - -// nftw doesn't allow us to pass along context, so we need to use -// global variables. *sigh* -static struct perm_parsed_args recursive_parsed_args; -static State* recursive_state; - -static int do_SetMetadataRecursive(const char* filename, const struct stat *statptr, - int fileflags, struct FTW *pfwt) { - return ApplyParsedPerms(recursive_state, filename, statptr, recursive_parsed_args); -} - -static Value* SetMetadataFn(const char* name, State* state, int argc, Expr* argv[]) { - int i; - int bad = 0; - static int nwarnings = 0; - struct stat sb; - Value* result = NULL; - - bool recursive = (strcmp(name, "set_metadata_recursive") == 0); - - if ((argc % 2) != 1) { - return ErrorAbort(state, "%s() expects an odd number of arguments, got %d", - name, argc); - } - - char** args = ReadVarArgs(state, argc, argv); - if (args == NULL) return NULL; - - if (lstat(args[0], &sb) == -1) { - result = ErrorAbort(state, "%s: Error on lstat of \"%s\": %s", name, args[0], strerror(errno)); - goto done; - } - - struct perm_parsed_args parsed = ParsePermArgs(state, argc, args); - - if (recursive) { - recursive_parsed_args = parsed; - recursive_state = state; - bad += nftw(args[0], do_SetMetadataRecursive, 30, FTW_CHDIR | FTW_DEPTH | FTW_PHYS); - memset(&recursive_parsed_args, 0, sizeof(recursive_parsed_args)); - recursive_state = NULL; - } else { - bad += ApplyParsedPerms(state, args[0], &sb, parsed); - } - -done: - for (i = 0; i < argc; ++i) { - free(args[i]); - } - free(args); - - if (result != NULL) { - return result; - } - - if (bad > 0) { - return ErrorAbort(state, "%s: some changes failed", name); - } - - return StringValue(strdup("")); -} - -Value* GetPropFn(const char* name, State* state, int argc, Expr* argv[]) { - if (argc != 1) { - return ErrorAbort(state, "%s() expects 1 arg, got %d", name, argc); - } - char* key; - key = Evaluate(state, argv[0]); - if (key == NULL) return NULL; - - char value[PROPERTY_VALUE_MAX]; - property_get(key, value, ""); - free(key); - - return StringValue(strdup(value)); -} - - -// file_getprop(file, key) -// -// interprets 'file' as a getprop-style file (key=value pairs, one -// per line. # comment lines,blank lines, lines without '=' ignored), -// and returns the value for 'key' (or "" if it isn't defined). -Value* FileGetPropFn(const char* name, State* state, int argc, Expr* argv[]) { - char* result = NULL; - char* buffer = NULL; - char* filename; - char* key; - if (ReadArgs(state, argv, 2, &filename, &key) < 0) { - return NULL; - } - - struct stat st; - if (stat(filename, &st) < 0) { - ErrorAbort(state, "%s: failed to stat \"%s\": %s", - name, filename, strerror(errno)); - goto done; - } - -#define MAX_FILE_GETPROP_SIZE 65536 - - if (st.st_size > MAX_FILE_GETPROP_SIZE) { - ErrorAbort(state, "%s too large for %s (max %d)", - filename, name, MAX_FILE_GETPROP_SIZE); - goto done; - } - - buffer = malloc(st.st_size+1); - if (buffer == NULL) { - ErrorAbort(state, "%s: failed to alloc %lld bytes", name, (long long)st.st_size+1); - goto done; - } - - FILE* f = fopen(filename, "rb"); - if (f == NULL) { - ErrorAbort(state, "%s: failed to open %s: %s", - name, filename, strerror(errno)); - goto done; - } - - if (fread(buffer, 1, st.st_size, f) != st.st_size) { - ErrorAbort(state, "%s: failed to read %lld bytes from %s", - name, (long long)st.st_size+1, filename); - fclose(f); - goto done; - } - buffer[st.st_size] = '\0'; - - fclose(f); - - char* line = strtok(buffer, "\n"); - do { - // skip whitespace at start of line - while (*line && isspace(*line)) ++line; - - // comment or blank line: skip to next line - if (*line == '\0' || *line == '#') continue; - - char* equal = strchr(line, '='); - if (equal == NULL) { - continue; - } - - // trim whitespace between key and '=' - char* key_end = equal-1; - while (key_end > line && isspace(*key_end)) --key_end; - key_end[1] = '\0'; - - // not the key we're looking for - if (strcmp(key, line) != 0) continue; - - // skip whitespace after the '=' to the start of the value - char* val_start = equal+1; - while(*val_start && isspace(*val_start)) ++val_start; - - // trim trailing whitespace - char* val_end = val_start + strlen(val_start)-1; - while (val_end > val_start && isspace(*val_end)) --val_end; - val_end[1] = '\0'; - - result = strdup(val_start); - break; - - } while ((line = strtok(NULL, "\n"))); - - if (result == NULL) result = strdup(""); - - done: - free(filename); - free(key); - free(buffer); - return StringValue(result); -} - - -static bool write_raw_image_cb(const unsigned char* data, - int data_len, void* ctx) { - int r = mtd_write_data((MtdWriteContext*)ctx, (const char *)data, data_len); - if (r == data_len) return true; - printf("%s\n", strerror(errno)); - return false; -} - -// write_raw_image(filename_or_blob, partition) -Value* WriteRawImageFn(const char* name, State* state, int argc, Expr* argv[]) { - char* result = NULL; - - Value* partition_value; - Value* contents; - if (ReadValueArgs(state, argv, 2, &contents, &partition_value) < 0) { - return NULL; - } - - char* partition = NULL; - if (partition_value->type != VAL_STRING) { - ErrorAbort(state, "partition argument to %s must be string", name); - goto done; - } - partition = partition_value->data; - if (strlen(partition) == 0) { - ErrorAbort(state, "partition argument to %s can't be empty", name); - goto done; - } - if (contents->type == VAL_STRING && strlen((char*) contents->data) == 0) { - ErrorAbort(state, "file argument to %s can't be empty", name); - goto done; - } - - mtd_scan_partitions(); - const MtdPartition* mtd = mtd_find_partition_by_name(partition); - if (mtd == NULL) { - printf("%s: no mtd partition named \"%s\"\n", name, partition); - result = strdup(""); - goto done; - } - - MtdWriteContext* ctx = mtd_write_partition(mtd); - if (ctx == NULL) { - printf("%s: can't write mtd partition \"%s\"\n", - name, partition); - result = strdup(""); - goto done; - } - - bool success; - - if (contents->type == VAL_STRING) { - // we're given a filename as the contents - char* filename = contents->data; - FILE* f = fopen(filename, "rb"); - if (f == NULL) { - printf("%s: can't open %s: %s\n", - name, filename, strerror(errno)); - result = strdup(""); - goto done; - } - - success = true; - char* buffer = malloc(BUFSIZ); - int read; - while (success && (read = fread(buffer, 1, BUFSIZ, f)) > 0) { - int wrote = mtd_write_data(ctx, buffer, read); - success = success && (wrote == read); - } - free(buffer); - fclose(f); - } else { - // we're given a blob as the contents - ssize_t wrote = mtd_write_data(ctx, contents->data, contents->size); - success = (wrote == contents->size); - } - if (!success) { - printf("mtd_write_data to %s failed: %s\n", - partition, strerror(errno)); - } - - if (mtd_erase_blocks(ctx, -1) == -1) { - printf("%s: error erasing blocks of %s\n", name, partition); - } - if (mtd_write_close(ctx) != 0) { - printf("%s: error closing write of %s\n", name, partition); - } - - printf("%s %s partition\n", - success ? "wrote" : "failed to write", partition); - - result = success ? partition : strdup(""); - -done: - if (result != partition) FreeValue(partition_value); - FreeValue(contents); - return StringValue(result); -} - -// apply_patch_space(bytes) -Value* ApplyPatchSpaceFn(const char* name, State* state, - int argc, Expr* argv[]) { - char* bytes_str; - if (ReadArgs(state, argv, 1, &bytes_str) < 0) { - return NULL; - } - - char* endptr; - size_t bytes = strtol(bytes_str, &endptr, 10); - if (bytes == 0 && endptr == bytes_str) { - ErrorAbort(state, "%s(): can't parse \"%s\" as byte count\n\n", - name, bytes_str); - free(bytes_str); - return NULL; - } - - return StringValue(strdup(CacheSizeCheck(bytes) ? "" : "t")); -} - -// apply_patch(file, size, init_sha1, tgt_sha1, patch) - -Value* ApplyPatchFn(const char* name, State* state, int argc, Expr* argv[]) { - if (argc < 6 || (argc % 2) == 1) { - return ErrorAbort(state, "%s(): expected at least 6 args and an " - "even number, got %d", - name, argc); - } - - char* source_filename; - char* target_filename; - char* target_sha1; - char* target_size_str; - if (ReadArgs(state, argv, 4, &source_filename, &target_filename, - &target_sha1, &target_size_str) < 0) { - return NULL; - } - - char* endptr; - size_t target_size = strtol(target_size_str, &endptr, 10); - if (target_size == 0 && endptr == target_size_str) { - ErrorAbort(state, "%s(): can't parse \"%s\" as byte count", - name, target_size_str); - free(source_filename); - free(target_filename); - free(target_sha1); - free(target_size_str); - return NULL; - } - - int patchcount = (argc-4) / 2; - Value** patches = ReadValueVarArgs(state, argc-4, argv+4); - - int i; - for (i = 0; i < patchcount; ++i) { - if (patches[i*2]->type != VAL_STRING) { - ErrorAbort(state, "%s(): sha-1 #%d is not string", name, i); - break; - } - if (patches[i*2+1]->type != VAL_BLOB) { - ErrorAbort(state, "%s(): patch #%d is not blob", name, i); - break; - } - } - if (i != patchcount) { - for (i = 0; i < patchcount*2; ++i) { - FreeValue(patches[i]); - } - free(patches); - return NULL; - } - - char** patch_sha_str = malloc(patchcount * sizeof(char*)); - for (i = 0; i < patchcount; ++i) { - patch_sha_str[i] = patches[i*2]->data; - patches[i*2]->data = NULL; - FreeValue(patches[i*2]); - patches[i] = patches[i*2+1]; - } - - int result = applypatch(source_filename, target_filename, - target_sha1, target_size, - patchcount, patch_sha_str, patches, NULL); - - for (i = 0; i < patchcount; ++i) { - FreeValue(patches[i]); - } - free(patch_sha_str); - free(patches); - - return StringValue(strdup(result == 0 ? "t" : "")); -} - -// apply_patch_check(file, [sha1_1, ...]) -Value* ApplyPatchCheckFn(const char* name, State* state, - int argc, Expr* argv[]) { - if (argc < 1) { - return ErrorAbort(state, "%s(): expected at least 1 arg, got %d", - name, argc); - } - - char* filename; - if (ReadArgs(state, argv, 1, &filename) < 0) { - return NULL; - } - - int patchcount = argc-1; - char** sha1s = ReadVarArgs(state, argc-1, argv+1); - - int result = applypatch_check(filename, patchcount, sha1s); - - int i; - for (i = 0; i < patchcount; ++i) { - free(sha1s[i]); - } - free(sha1s); - - return StringValue(strdup(result == 0 ? "t" : "")); -} - -Value* UIPrintFn(const char* name, State* state, int argc, Expr* argv[]) { - char** args = ReadVarArgs(state, argc, argv); - if (args == NULL) { - return NULL; - } - - int size = 0; - int i; - for (i = 0; i < argc; ++i) { - size += strlen(args[i]); - } - char* buffer = malloc(size+1); - size = 0; - for (i = 0; i < argc; ++i) { - strcpy(buffer+size, args[i]); - size += strlen(args[i]); - free(args[i]); - } - free(args); - buffer[size] = '\0'; - uiPrint(state, buffer); - return StringValue(buffer); -} - -Value* WipeCacheFn(const char* name, State* state, int argc, Expr* argv[]) { - if (argc != 0) { - return ErrorAbort(state, "%s() expects no args, got %d", name, argc); - } - fprintf(((UpdaterInfo*)(state->cookie))->cmd_pipe, "wipe_cache\n"); - return StringValue(strdup("t")); -} - -Value* RunProgramFn(const char* name, State* state, int argc, Expr* argv[]) { - if (argc < 1) { - return ErrorAbort(state, "%s() expects at least 1 arg", name); - } - char** args = ReadVarArgs(state, argc, argv); - if (args == NULL) { - return NULL; - } - - char** args2 = malloc(sizeof(char*) * (argc+1)); - memcpy(args2, args, sizeof(char*) * argc); - args2[argc] = NULL; - - printf("about to run program [%s] with %d args\n", args2[0], argc); - - pid_t child = fork(); - if (child == 0) { - execv(args2[0], args2); - printf("run_program: execv failed: %s\n", strerror(errno)); - _exit(1); - } - int status; - waitpid(child, &status, 0); - if (WIFEXITED(status)) { - if (WEXITSTATUS(status) != 0) { - printf("run_program: child exited with status %d\n", - WEXITSTATUS(status)); - } - } else if (WIFSIGNALED(status)) { - printf("run_program: child terminated by signal %d\n", - WTERMSIG(status)); - } - - int i; - for (i = 0; i < argc; ++i) { - free(args[i]); - } - free(args); - free(args2); - - char buffer[20]; - sprintf(buffer, "%d", status); - - return StringValue(strdup(buffer)); -} - -// sha1_check(data) -// to return the sha1 of the data (given in the format returned by -// read_file). -// -// sha1_check(data, sha1_hex, [sha1_hex, ...]) -// returns the sha1 of the file if it matches any of the hex -// strings passed, or "" if it does not equal any of them. -// -Value* Sha1CheckFn(const char* name, State* state, int argc, Expr* argv[]) { - if (argc < 1) { - return ErrorAbort(state, "%s() expects at least 1 arg", name); - } - - Value** args = ReadValueVarArgs(state, argc, argv); - if (args == NULL) { - return NULL; - } - - if (args[0]->size < 0) { - return StringValue(strdup("")); - } - uint8_t digest[SHA_DIGEST_SIZE]; - SHA_hash(args[0]->data, args[0]->size, digest); - FreeValue(args[0]); - - if (argc == 1) { - return StringValue(PrintSha1(digest)); - } - - int i; - uint8_t* arg_digest = malloc(SHA_DIGEST_SIZE); - for (i = 1; i < argc; ++i) { - if (args[i]->type != VAL_STRING) { - printf("%s(): arg %d is not a string; skipping", - name, i); - } else if (ParseSha1(args[i]->data, arg_digest) != 0) { - // Warn about bad args and skip them. - printf("%s(): error parsing \"%s\" as sha-1; skipping", - name, args[i]->data); - } else if (memcmp(digest, arg_digest, SHA_DIGEST_SIZE) == 0) { - break; - } - FreeValue(args[i]); - } - if (i >= argc) { - // Didn't match any of the hex strings; return false. - return StringValue(strdup("")); - } - // Found a match; free all the remaining arguments and return the - // matched one. - int j; - for (j = i+1; j < argc; ++j) { - FreeValue(args[j]); - } - return args[i]; -} - -// Read a local file and return its contents (the Value* returned -// is actually a FileContents*). -Value* ReadFileFn(const char* name, State* state, int argc, Expr* argv[]) { - if (argc != 1) { - return ErrorAbort(state, "%s() expects 1 arg, got %d", name, argc); - } - char* filename; - if (ReadArgs(state, argv, 1, &filename) < 0) return NULL; - - Value* v = malloc(sizeof(Value)); - v->type = VAL_BLOB; - - FileContents fc; - if (LoadFileContents(filename, &fc) != 0) { - free(filename); - v->size = -1; - v->data = NULL; - free(fc.data); - return v; - } - - v->size = fc.size; - v->data = (char*)fc.data; - - free(filename); - return v; -} - -// Immediately reboot the device. Recovery is not finished normally, -// so if you reboot into recovery it will re-start applying the -// current package (because nothing has cleared the copy of the -// arguments stored in the BCB). -// -// The argument is the partition name passed to the android reboot -// property. It can be "recovery" to boot from the recovery -// partition, or "" (empty string) to boot from the regular boot -// partition. -Value* RebootNowFn(const char* name, State* state, int argc, Expr* argv[]) { - if (argc != 2) { - return ErrorAbort(state, "%s() expects 2 args, got %d", name, argc); - } - - char* filename; - char* property; - if (ReadArgs(state, argv, 2, &filename, &property) < 0) return NULL; - - char buffer[80]; - - // zero out the 'command' field of the bootloader message. - memset(buffer, 0, sizeof(((struct bootloader_message*)0)->command)); - FILE* f = fopen(filename, "r+b"); - fseek(f, offsetof(struct bootloader_message, command), SEEK_SET); - fwrite(buffer, sizeof(((struct bootloader_message*)0)->command), 1, f); - fclose(f); - free(filename); - - strcpy(buffer, "reboot,"); - if (property != NULL) { - strncat(buffer, property, sizeof(buffer)-10); - } - - property_set(ANDROID_RB_PROPERTY, buffer); - - sleep(5); - free(property); - ErrorAbort(state, "%s() failed to reboot", name); - return NULL; -} - -// Store a string value somewhere that future invocations of recovery -// can access it. This value is called the "stage" and can be used to -// drive packages that need to do reboots in the middle of -// installation and keep track of where they are in the multi-stage -// install. -// -// The first argument is the block device for the misc partition -// ("/misc" in the fstab), which is where this value is stored. The -// second argument is the string to store; it should not exceed 31 -// bytes. -Value* SetStageFn(const char* name, State* state, int argc, Expr* argv[]) { - if (argc != 2) { - return ErrorAbort(state, "%s() expects 2 args, got %d", name, argc); - } - - char* filename; - char* stagestr; - if (ReadArgs(state, argv, 2, &filename, &stagestr) < 0) return NULL; - - // Store this value in the misc partition, immediately after the - // bootloader message that the main recovery uses to save its - // arguments in case of the device restarting midway through - // package installation. - FILE* f = fopen(filename, "r+b"); - fseek(f, offsetof(struct bootloader_message, stage), SEEK_SET); - int to_write = strlen(stagestr)+1; - int max_size = sizeof(((struct bootloader_message*)0)->stage); - if (to_write > max_size) { - to_write = max_size; - stagestr[max_size-1] = 0; - } - fwrite(stagestr, to_write, 1, f); - fclose(f); - - free(stagestr); - return StringValue(filename); -} - -// Return the value most recently saved with SetStageFn. The argument -// is the block device for the misc partition. -Value* GetStageFn(const char* name, State* state, int argc, Expr* argv[]) { - if (argc != 1) { - return ErrorAbort(state, "%s() expects 1 arg, got %d", name, argc); - } - - char* filename; - if (ReadArgs(state, argv, 1, &filename) < 0) return NULL; - - char buffer[sizeof(((struct bootloader_message*)0)->stage)]; - FILE* f = fopen(filename, "rb"); - fseek(f, offsetof(struct bootloader_message, stage), SEEK_SET); - fread(buffer, sizeof(buffer), 1, f); - fclose(f); - buffer[sizeof(buffer)-1] = '\0'; - - return StringValue(strdup(buffer)); -} - -Value* WipeBlockDeviceFn(const char* name, State* state, int argc, Expr* argv[]) { - if (argc != 2) { - return ErrorAbort(state, "%s() expects 2 args, got %d", name, argc); - } - - char* filename; - char* len_str; - if (ReadArgs(state, argv, 2, &filename, &len_str) < 0) return NULL; - - size_t len = strtoull(len_str, NULL, 0); - int fd = open(filename, O_WRONLY, 0644); - int success = wipe_block_device(fd, len); - - free(filename); - free(len_str); - - close(fd); - - return StringValue(strdup(success ? "t" : "")); -} - -Value* EnableRebootFn(const char* name, State* state, int argc, Expr* argv[]) { - if (argc != 0) { - return ErrorAbort(state, "%s() expects no args, got %d", name, argc); - } - UpdaterInfo* ui = (UpdaterInfo*)(state->cookie); - fprintf(ui->cmd_pipe, "enable_reboot\n"); - return StringValue(strdup("t")); -} - -Value* Tune2FsFn(const char* name, State* state, int argc, Expr* argv[]) { - if (argc == 0) { - return ErrorAbort(state, "%s() expects args, got %d", name, argc); - } - - char** args = ReadVarArgs(state, argc, argv); - if (args == NULL) { - return ErrorAbort(state, "%s() could not read args", name); - } - - int i; - char** args2 = malloc(sizeof(char*) * (argc+1)); - // Tune2fs expects the program name as its args[0] - args2[0] = strdup(name); - for (i = 0; i < argc; ++i) { - args2[i + 1] = args[i]; - } - int result = tune2fs_main(argc + 1, args2); - for (i = 0; i < argc; ++i) { - free(args[i]); - } - free(args); - - free(args2[0]); - free(args2); - if (result != 0) { - return ErrorAbort(state, "%s() returned error code %d", name, result); - } - return StringValue(strdup("t")); -} - -void RegisterInstallFunctions() { - RegisterFunction("mount", MountFn); - RegisterFunction("is_mounted", IsMountedFn); - RegisterFunction("unmount", UnmountFn); - RegisterFunction("format", FormatFn); - RegisterFunction("show_progress", ShowProgressFn); - RegisterFunction("set_progress", SetProgressFn); - RegisterFunction("delete", DeleteFn); - RegisterFunction("delete_recursive", DeleteFn); - RegisterFunction("package_extract_dir", PackageExtractDirFn); - RegisterFunction("package_extract_file", PackageExtractFileFn); - RegisterFunction("symlink", SymlinkFn); - - // Usage: - // set_metadata("filename", "key1", "value1", "key2", "value2", ...) - // Example: - // set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0); - RegisterFunction("set_metadata", SetMetadataFn); - - // Usage: - // set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...) - // Example: - // set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0); - RegisterFunction("set_metadata_recursive", SetMetadataFn); - - RegisterFunction("getprop", GetPropFn); - RegisterFunction("file_getprop", FileGetPropFn); - RegisterFunction("write_raw_image", WriteRawImageFn); - - RegisterFunction("apply_patch", ApplyPatchFn); - RegisterFunction("apply_patch_check", ApplyPatchCheckFn); - RegisterFunction("apply_patch_space", ApplyPatchSpaceFn); - - RegisterFunction("wipe_block_device", WipeBlockDeviceFn); - - RegisterFunction("read_file", ReadFileFn); - RegisterFunction("sha1_check", Sha1CheckFn); - RegisterFunction("rename", RenameFn); - - RegisterFunction("wipe_cache", WipeCacheFn); - - RegisterFunction("ui_print", UIPrintFn); - - RegisterFunction("run_program", RunProgramFn); - - RegisterFunction("reboot_now", RebootNowFn); - RegisterFunction("get_stage", GetStageFn); - RegisterFunction("set_stage", SetStageFn); - - RegisterFunction("enable_reboot", EnableRebootFn); - RegisterFunction("tune2fs", Tune2FsFn); -} diff --git a/updater/install.cpp b/updater/install.cpp new file mode 100644 index 000000000..422a1bb1e --- /dev/null +++ b/updater/install.cpp @@ -0,0 +1,1622 @@ +/* + * Copyright (C) 2009 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "bootloader.h" +#include "applypatch/applypatch.h" +#include "cutils/android_reboot.h" +#include "cutils/misc.h" +#include "cutils/properties.h" +#include "edify/expr.h" +#include "mincrypt/sha.h" +#include "minzip/DirUtil.h" +#include "mtdutils/mounts.h" +#include "mtdutils/mtdutils.h" +#include "updater.h" +#include "install.h" +#include "tune2fs.h" + +#ifdef USE_EXT4 +#include "make_ext4fs.h" +#include "wipe.h" +#endif + +void uiPrint(State* state, char* buffer) { + char* line = strtok(buffer, "\n"); + UpdaterInfo* ui = (UpdaterInfo*)(state->cookie); + while (line) { + fprintf(ui->cmd_pipe, "ui_print %s\n", line); + line = strtok(NULL, "\n"); + } + fprintf(ui->cmd_pipe, "ui_print\n"); + + // The recovery will only print the contents to screen for pipe command + // ui_print. We need to dump the contents to stderr (which has been + // redirected to the log file) directly. + fprintf(stderr, "%s", buffer); +} + +__attribute__((__format__(printf, 2, 3))) __nonnull((2)) +void uiPrintf(State* state, const char* format, ...) { + char error_msg[1024]; + va_list ap; + va_start(ap, format); + vsnprintf(error_msg, sizeof(error_msg), format, ap); + va_end(ap); + uiPrint(state, error_msg); +} + +// Take a sha-1 digest and return it as a newly-allocated hex string. +char* PrintSha1(const uint8_t* digest) { + char* buffer = reinterpret_cast(malloc(SHA_DIGEST_SIZE*2 + 1)); + const char* alphabet = "0123456789abcdef"; + size_t i; + for (i = 0; i < SHA_DIGEST_SIZE; ++i) { + buffer[i*2] = alphabet[(digest[i] >> 4) & 0xf]; + buffer[i*2+1] = alphabet[digest[i] & 0xf]; + } + buffer[i*2] = '\0'; + return buffer; +} + +// mount(fs_type, partition_type, location, mount_point) +// +// fs_type="yaffs2" partition_type="MTD" location=partition +// fs_type="ext4" partition_type="EMMC" location=device +Value* MountFn(const char* name, State* state, int argc, Expr* argv[]) { + char* result = NULL; + if (argc != 4 && argc != 5) { + return ErrorAbort(state, "%s() expects 4-5 args, got %d", name, argc); + } + char* fs_type; + char* partition_type; + char* location; + char* mount_point; + char* mount_options; + bool has_mount_options; + if (argc == 5) { + has_mount_options = true; + if (ReadArgs(state, argv, 5, &fs_type, &partition_type, + &location, &mount_point, &mount_options) < 0) { + return NULL; + } + } else { + has_mount_options = false; + if (ReadArgs(state, argv, 4, &fs_type, &partition_type, + &location, &mount_point) < 0) { + return NULL; + } + } + + if (strlen(fs_type) == 0) { + ErrorAbort(state, "fs_type argument to %s() can't be empty", name); + goto done; + } + if (strlen(partition_type) == 0) { + ErrorAbort(state, "partition_type argument to %s() can't be empty", + name); + goto done; + } + if (strlen(location) == 0) { + ErrorAbort(state, "location argument to %s() can't be empty", name); + goto done; + } + if (strlen(mount_point) == 0) { + ErrorAbort(state, "mount_point argument to %s() can't be empty", name); + goto done; + } + + { + char *secontext = NULL; + + if (sehandle) { + selabel_lookup(sehandle, &secontext, mount_point, 0755); + setfscreatecon(secontext); + } + + mkdir(mount_point, 0755); + + if (secontext) { + freecon(secontext); + setfscreatecon(NULL); + } + } + + if (strcmp(partition_type, "MTD") == 0) { + mtd_scan_partitions(); + const MtdPartition* mtd; + mtd = mtd_find_partition_by_name(location); + if (mtd == NULL) { + uiPrintf(state, "%s: no mtd partition named \"%s\"", + name, location); + result = strdup(""); + goto done; + } + if (mtd_mount_partition(mtd, mount_point, fs_type, 0 /* rw */) != 0) { + uiPrintf(state, "mtd mount of %s failed: %s\n", + location, strerror(errno)); + result = strdup(""); + goto done; + } + result = mount_point; + } else { + if (mount(location, mount_point, fs_type, + MS_NOATIME | MS_NODEV | MS_NODIRATIME, + has_mount_options ? mount_options : "") < 0) { + uiPrintf(state, "%s: failed to mount %s at %s: %s\n", + name, location, mount_point, strerror(errno)); + result = strdup(""); + } else { + result = mount_point; + } + } + +done: + free(fs_type); + free(partition_type); + free(location); + if (result != mount_point) free(mount_point); + if (has_mount_options) free(mount_options); + return StringValue(result); +} + + +// is_mounted(mount_point) +Value* IsMountedFn(const char* name, State* state, int argc, Expr* argv[]) { + char* result = NULL; + if (argc != 1) { + return ErrorAbort(state, "%s() expects 1 arg, got %d", name, argc); + } + char* mount_point; + if (ReadArgs(state, argv, 1, &mount_point) < 0) { + return NULL; + } + if (strlen(mount_point) == 0) { + ErrorAbort(state, "mount_point argument to unmount() can't be empty"); + goto done; + } + + scan_mounted_volumes(); + { + const MountedVolume* vol = find_mounted_volume_by_mount_point(mount_point); + if (vol == NULL) { + result = strdup(""); + } else { + result = mount_point; + } + } + +done: + if (result != mount_point) free(mount_point); + return StringValue(result); +} + + +Value* UnmountFn(const char* name, State* state, int argc, Expr* argv[]) { + char* result = NULL; + if (argc != 1) { + return ErrorAbort(state, "%s() expects 1 arg, got %d", name, argc); + } + char* mount_point; + if (ReadArgs(state, argv, 1, &mount_point) < 0) { + return NULL; + } + if (strlen(mount_point) == 0) { + ErrorAbort(state, "mount_point argument to unmount() can't be empty"); + goto done; + } + + scan_mounted_volumes(); + { + const MountedVolume* vol = find_mounted_volume_by_mount_point(mount_point); + if (vol == NULL) { + uiPrintf(state, "unmount of %s failed; no such volume\n", mount_point); + result = strdup(""); + } else { + int ret = unmount_mounted_volume(vol); + if (ret != 0) { + uiPrintf(state, "unmount of %s failed (%d): %s\n", + mount_point, ret, strerror(errno)); + } + result = mount_point; + } + } + +done: + if (result != mount_point) free(mount_point); + return StringValue(result); +} + +static int exec_cmd(const char* path, char* const argv[]) { + int status; + pid_t child; + if ((child = vfork()) == 0) { + execv(path, argv); + _exit(-1); + } + waitpid(child, &status, 0); + if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) { + printf("%s failed with status %d\n", path, WEXITSTATUS(status)); + } + return WEXITSTATUS(status); +} + + +// format(fs_type, partition_type, location, fs_size, mount_point) +// +// fs_type="yaffs2" partition_type="MTD" location=partition fs_size= mount_point= +// fs_type="ext4" partition_type="EMMC" location=device fs_size= mount_point= +// fs_type="f2fs" partition_type="EMMC" location=device fs_size= mount_point= +// if fs_size == 0, then make fs uses the entire partition. +// if fs_size > 0, that is the size to use +// if fs_size < 0, then reserve that many bytes at the end of the partition (not for "f2fs") +Value* FormatFn(const char* name, State* state, int argc, Expr* argv[]) { + char* result = NULL; + if (argc != 5) { + return ErrorAbort(state, "%s() expects 5 args, got %d", name, argc); + } + char* fs_type; + char* partition_type; + char* location; + char* fs_size; + char* mount_point; + + if (ReadArgs(state, argv, 5, &fs_type, &partition_type, &location, &fs_size, &mount_point) < 0) { + return NULL; + } + + if (strlen(fs_type) == 0) { + ErrorAbort(state, "fs_type argument to %s() can't be empty", name); + goto done; + } + if (strlen(partition_type) == 0) { + ErrorAbort(state, "partition_type argument to %s() can't be empty", + name); + goto done; + } + if (strlen(location) == 0) { + ErrorAbort(state, "location argument to %s() can't be empty", name); + goto done; + } + + if (strlen(mount_point) == 0) { + ErrorAbort(state, "mount_point argument to %s() can't be empty", name); + goto done; + } + + if (strcmp(partition_type, "MTD") == 0) { + mtd_scan_partitions(); + const MtdPartition* mtd = mtd_find_partition_by_name(location); + if (mtd == NULL) { + printf("%s: no mtd partition named \"%s\"", + name, location); + result = strdup(""); + goto done; + } + MtdWriteContext* ctx = mtd_write_partition(mtd); + if (ctx == NULL) { + printf("%s: can't write \"%s\"", name, location); + result = strdup(""); + goto done; + } + if (mtd_erase_blocks(ctx, -1) == -1) { + mtd_write_close(ctx); + printf("%s: failed to erase \"%s\"", name, location); + result = strdup(""); + goto done; + } + if (mtd_write_close(ctx) != 0) { + printf("%s: failed to close \"%s\"", name, location); + result = strdup(""); + goto done; + } + result = location; +#ifdef USE_EXT4 + } else if (strcmp(fs_type, "ext4") == 0) { + int status = make_ext4fs(location, atoll(fs_size), mount_point, sehandle); + if (status != 0) { + printf("%s: make_ext4fs failed (%d) on %s", + name, status, location); + result = strdup(""); + goto done; + } + result = location; + } else if (strcmp(fs_type, "f2fs") == 0) { + char *num_sectors; + if (asprintf(&num_sectors, "%lld", atoll(fs_size) / 512) <= 0) { + printf("format_volume: failed to create %s command for %s\n", fs_type, location); + result = strdup(""); + goto done; + } + const char *f2fs_path = "/sbin/mkfs.f2fs"; + const char* const f2fs_argv[] = {"mkfs.f2fs", "-t", "-d1", location, num_sectors, NULL}; + int status = exec_cmd(f2fs_path, (char* const*)f2fs_argv); + free(num_sectors); + if (status != 0) { + printf("%s: mkfs.f2fs failed (%d) on %s", + name, status, location); + result = strdup(""); + goto done; + } + result = location; +#endif + } else { + printf("%s: unsupported fs_type \"%s\" partition_type \"%s\"", + name, fs_type, partition_type); + } + +done: + free(fs_type); + free(partition_type); + if (result != location) free(location); + return StringValue(result); +} + +Value* RenameFn(const char* name, State* state, int argc, Expr* argv[]) { + char* result = NULL; + if (argc != 2) { + return ErrorAbort(state, "%s() expects 2 args, got %d", name, argc); + } + + char* src_name; + char* dst_name; + + if (ReadArgs(state, argv, 2, &src_name, &dst_name) < 0) { + return NULL; + } + if (strlen(src_name) == 0) { + ErrorAbort(state, "src_name argument to %s() can't be empty", name); + goto done; + } + if (strlen(dst_name) == 0) { + ErrorAbort(state, "dst_name argument to %s() can't be empty", name); + goto done; + } + if (make_parents(dst_name) != 0) { + ErrorAbort(state, "Creating parent of %s failed, error %s", + dst_name, strerror(errno)); + } else if (access(dst_name, F_OK) == 0 && access(src_name, F_OK) != 0) { + // File was already moved + result = dst_name; + } else if (rename(src_name, dst_name) != 0) { + ErrorAbort(state, "Rename of %s to %s failed, error %s", + src_name, dst_name, strerror(errno)); + } else { + result = dst_name; + } + +done: + free(src_name); + if (result != dst_name) free(dst_name); + return StringValue(result); +} + +Value* DeleteFn(const char* name, State* state, int argc, Expr* argv[]) { + char** paths = reinterpret_cast(malloc(argc * sizeof(char*))); + for (int i = 0; i < argc; ++i) { + paths[i] = Evaluate(state, argv[i]); + if (paths[i] == NULL) { + int j; + for (j = 0; j < i; ++i) { + free(paths[j]); + } + free(paths); + return NULL; + } + } + + bool recursive = (strcmp(name, "delete_recursive") == 0); + + int success = 0; + for (int i = 0; i < argc; ++i) { + if ((recursive ? dirUnlinkHierarchy(paths[i]) : unlink(paths[i])) == 0) + ++success; + free(paths[i]); + } + free(paths); + + char buffer[10]; + sprintf(buffer, "%d", success); + return StringValue(strdup(buffer)); +} + + +Value* ShowProgressFn(const char* name, State* state, int argc, Expr* argv[]) { + if (argc != 2) { + return ErrorAbort(state, "%s() expects 2 args, got %d", name, argc); + } + char* frac_str; + char* sec_str; + if (ReadArgs(state, argv, 2, &frac_str, &sec_str) < 0) { + return NULL; + } + + double frac = strtod(frac_str, NULL); + int sec = strtol(sec_str, NULL, 10); + + UpdaterInfo* ui = (UpdaterInfo*)(state->cookie); + fprintf(ui->cmd_pipe, "progress %f %d\n", frac, sec); + + free(sec_str); + return StringValue(frac_str); +} + +Value* SetProgressFn(const char* name, State* state, int argc, Expr* argv[]) { + if (argc != 1) { + return ErrorAbort(state, "%s() expects 1 arg, got %d", name, argc); + } + char* frac_str; + if (ReadArgs(state, argv, 1, &frac_str) < 0) { + return NULL; + } + + double frac = strtod(frac_str, NULL); + + UpdaterInfo* ui = (UpdaterInfo*)(state->cookie); + fprintf(ui->cmd_pipe, "set_progress %f\n", frac); + + return StringValue(frac_str); +} + +// package_extract_dir(package_path, destination_path) +Value* PackageExtractDirFn(const char* name, State* state, + int argc, Expr* argv[]) { + if (argc != 2) { + return ErrorAbort(state, "%s() expects 2 args, got %d", name, argc); + } + char* zip_path; + char* dest_path; + if (ReadArgs(state, argv, 2, &zip_path, &dest_path) < 0) return NULL; + + ZipArchive* za = ((UpdaterInfo*)(state->cookie))->package_zip; + + // To create a consistent system image, never use the clock for timestamps. + struct utimbuf timestamp = { 1217592000, 1217592000 }; // 8/1/2008 default + + bool success = mzExtractRecursive(za, zip_path, dest_path, + ×tamp, + NULL, NULL, sehandle); + free(zip_path); + free(dest_path); + return StringValue(strdup(success ? "t" : "")); +} + + +// package_extract_file(package_path, destination_path) +// or +// package_extract_file(package_path) +// to return the entire contents of the file as the result of this +// function (the char* returned is actually a FileContents*). +Value* PackageExtractFileFn(const char* name, State* state, + int argc, Expr* argv[]) { + if (argc < 1 || argc > 2) { + return ErrorAbort(state, "%s() expects 1 or 2 args, got %d", + name, argc); + } + bool success = false; + + if (argc == 2) { + // The two-argument version extracts to a file. + + ZipArchive* za = ((UpdaterInfo*)(state->cookie))->package_zip; + + char* zip_path; + char* dest_path; + if (ReadArgs(state, argv, 2, &zip_path, &dest_path) < 0) return NULL; + + const ZipEntry* entry = mzFindZipEntry(za, zip_path); + if (entry == NULL) { + printf("%s: no %s in package\n", name, zip_path); + goto done2; + } + + { + FILE* f = fopen(dest_path, "wb"); + if (f == NULL) { + printf("%s: can't open %s for write: %s\n", + name, dest_path, strerror(errno)); + goto done2; + } + success = mzExtractZipEntryToFile(za, entry, fileno(f)); + fclose(f); + } + + done2: + free(zip_path); + free(dest_path); + return StringValue(strdup(success ? "t" : "")); + } else { + // The one-argument version returns the contents of the file + // as the result. + + char* zip_path; + Value* v = reinterpret_cast(malloc(sizeof(Value))); + v->type = VAL_BLOB; + v->size = -1; + v->data = NULL; + + if (ReadArgs(state, argv, 1, &zip_path) < 0) return NULL; + + ZipArchive* za = ((UpdaterInfo*)(state->cookie))->package_zip; + const ZipEntry* entry = mzFindZipEntry(za, zip_path); + if (entry == NULL) { + printf("%s: no %s in package\n", name, zip_path); + goto done1; + } + + v->size = mzGetZipEntryUncompLen(entry); + v->data = reinterpret_cast(malloc(v->size)); + if (v->data == NULL) { + printf("%s: failed to allocate %ld bytes for %s\n", + name, (long)v->size, zip_path); + goto done1; + } + + success = mzExtractZipEntryToBuffer(za, entry, + (unsigned char *)v->data); + + done1: + free(zip_path); + if (!success) { + free(v->data); + v->data = NULL; + v->size = -1; + } + return v; + } +} + +// Create all parent directories of name, if necessary. +static int make_parents(char* name) { + char* p; + for (p = name + (strlen(name)-1); p > name; --p) { + if (*p != '/') continue; + *p = '\0'; + if (make_parents(name) < 0) return -1; + int result = mkdir(name, 0700); + if (result == 0) printf("created [%s]\n", name); + *p = '/'; + if (result == 0 || errno == EEXIST) { + // successfully created or already existed; we're done + return 0; + } else { + printf("failed to mkdir %s: %s\n", name, strerror(errno)); + return -1; + } + } + return 0; +} + +// symlink target src1 src2 ... +// unlinks any previously existing src1, src2, etc before creating symlinks. +Value* SymlinkFn(const char* name, State* state, int argc, Expr* argv[]) { + if (argc == 0) { + return ErrorAbort(state, "%s() expects 1+ args, got %d", name, argc); + } + char* target; + target = Evaluate(state, argv[0]); + if (target == NULL) return NULL; + + char** srcs = ReadVarArgs(state, argc-1, argv+1); + if (srcs == NULL) { + free(target); + return NULL; + } + + int bad = 0; + int i; + for (i = 0; i < argc-1; ++i) { + if (unlink(srcs[i]) < 0) { + if (errno != ENOENT) { + printf("%s: failed to remove %s: %s\n", + name, srcs[i], strerror(errno)); + ++bad; + } + } + if (make_parents(srcs[i])) { + printf("%s: failed to symlink %s to %s: making parents failed\n", + name, srcs[i], target); + ++bad; + } + if (symlink(target, srcs[i]) < 0) { + printf("%s: failed to symlink %s to %s: %s\n", + name, srcs[i], target, strerror(errno)); + ++bad; + } + free(srcs[i]); + } + free(srcs); + if (bad) { + return ErrorAbort(state, "%s: some symlinks failed", name); + } + return StringValue(strdup("")); +} + +struct perm_parsed_args { + bool has_uid; + uid_t uid; + bool has_gid; + gid_t gid; + bool has_mode; + mode_t mode; + bool has_fmode; + mode_t fmode; + bool has_dmode; + mode_t dmode; + bool has_selabel; + char* selabel; + bool has_capabilities; + uint64_t capabilities; +}; + +static struct perm_parsed_args ParsePermArgs(State * state, int argc, char** args) { + int i; + struct perm_parsed_args parsed; + int bad = 0; + static int max_warnings = 20; + + memset(&parsed, 0, sizeof(parsed)); + + for (i = 1; i < argc; i += 2) { + if (strcmp("uid", args[i]) == 0) { + int64_t uid; + if (sscanf(args[i+1], "%" SCNd64, &uid) == 1) { + parsed.uid = uid; + parsed.has_uid = true; + } else { + uiPrintf(state, "ParsePermArgs: invalid UID \"%s\"\n", args[i + 1]); + bad++; + } + continue; + } + if (strcmp("gid", args[i]) == 0) { + int64_t gid; + if (sscanf(args[i+1], "%" SCNd64, &gid) == 1) { + parsed.gid = gid; + parsed.has_gid = true; + } else { + uiPrintf(state, "ParsePermArgs: invalid GID \"%s\"\n", args[i + 1]); + bad++; + } + continue; + } + if (strcmp("mode", args[i]) == 0) { + int32_t mode; + if (sscanf(args[i+1], "%" SCNi32, &mode) == 1) { + parsed.mode = mode; + parsed.has_mode = true; + } else { + uiPrintf(state, "ParsePermArgs: invalid mode \"%s\"\n", args[i + 1]); + bad++; + } + continue; + } + if (strcmp("dmode", args[i]) == 0) { + int32_t mode; + if (sscanf(args[i+1], "%" SCNi32, &mode) == 1) { + parsed.dmode = mode; + parsed.has_dmode = true; + } else { + uiPrintf(state, "ParsePermArgs: invalid dmode \"%s\"\n", args[i + 1]); + bad++; + } + continue; + } + if (strcmp("fmode", args[i]) == 0) { + int32_t mode; + if (sscanf(args[i+1], "%" SCNi32, &mode) == 1) { + parsed.fmode = mode; + parsed.has_fmode = true; + } else { + uiPrintf(state, "ParsePermArgs: invalid fmode \"%s\"\n", args[i + 1]); + bad++; + } + continue; + } + if (strcmp("capabilities", args[i]) == 0) { + int64_t capabilities; + if (sscanf(args[i+1], "%" SCNi64, &capabilities) == 1) { + parsed.capabilities = capabilities; + parsed.has_capabilities = true; + } else { + uiPrintf(state, "ParsePermArgs: invalid capabilities \"%s\"\n", args[i + 1]); + bad++; + } + continue; + } + if (strcmp("selabel", args[i]) == 0) { + if (args[i+1][0] != '\0') { + parsed.selabel = args[i+1]; + parsed.has_selabel = true; + } else { + uiPrintf(state, "ParsePermArgs: invalid selabel \"%s\"\n", args[i + 1]); + bad++; + } + continue; + } + if (max_warnings != 0) { + printf("ParsedPermArgs: unknown key \"%s\", ignoring\n", args[i]); + max_warnings--; + if (max_warnings == 0) { + printf("ParsedPermArgs: suppressing further warnings\n"); + } + } + } + return parsed; +} + +static int ApplyParsedPerms( + State * state, + const char* filename, + const struct stat *statptr, + struct perm_parsed_args parsed) +{ + int bad = 0; + + if (parsed.has_selabel) { + if (lsetfilecon(filename, parsed.selabel) != 0) { + uiPrintf(state, "ApplyParsedPerms: lsetfilecon of %s to %s failed: %s\n", + filename, parsed.selabel, strerror(errno)); + bad++; + } + } + + /* ignore symlinks */ + if (S_ISLNK(statptr->st_mode)) { + return bad; + } + + if (parsed.has_uid) { + if (chown(filename, parsed.uid, -1) < 0) { + uiPrintf(state, "ApplyParsedPerms: chown of %s to %d failed: %s\n", + filename, parsed.uid, strerror(errno)); + bad++; + } + } + + if (parsed.has_gid) { + if (chown(filename, -1, parsed.gid) < 0) { + uiPrintf(state, "ApplyParsedPerms: chgrp of %s to %d failed: %s\n", + filename, parsed.gid, strerror(errno)); + bad++; + } + } + + if (parsed.has_mode) { + if (chmod(filename, parsed.mode) < 0) { + uiPrintf(state, "ApplyParsedPerms: chmod of %s to %d failed: %s\n", + filename, parsed.mode, strerror(errno)); + bad++; + } + } + + if (parsed.has_dmode && S_ISDIR(statptr->st_mode)) { + if (chmod(filename, parsed.dmode) < 0) { + uiPrintf(state, "ApplyParsedPerms: chmod of %s to %d failed: %s\n", + filename, parsed.dmode, strerror(errno)); + bad++; + } + } + + if (parsed.has_fmode && S_ISREG(statptr->st_mode)) { + if (chmod(filename, parsed.fmode) < 0) { + uiPrintf(state, "ApplyParsedPerms: chmod of %s to %d failed: %s\n", + filename, parsed.fmode, strerror(errno)); + bad++; + } + } + + if (parsed.has_capabilities && S_ISREG(statptr->st_mode)) { + if (parsed.capabilities == 0) { + if ((removexattr(filename, XATTR_NAME_CAPS) == -1) && (errno != ENODATA)) { + // Report failure unless it's ENODATA (attribute not set) + uiPrintf(state, "ApplyParsedPerms: removexattr of %s to %" PRIx64 " failed: %s\n", + filename, parsed.capabilities, strerror(errno)); + bad++; + } + } else { + struct vfs_cap_data cap_data; + memset(&cap_data, 0, sizeof(cap_data)); + cap_data.magic_etc = VFS_CAP_REVISION | VFS_CAP_FLAGS_EFFECTIVE; + cap_data.data[0].permitted = (uint32_t) (parsed.capabilities & 0xffffffff); + cap_data.data[0].inheritable = 0; + cap_data.data[1].permitted = (uint32_t) (parsed.capabilities >> 32); + cap_data.data[1].inheritable = 0; + if (setxattr(filename, XATTR_NAME_CAPS, &cap_data, sizeof(cap_data), 0) < 0) { + uiPrintf(state, "ApplyParsedPerms: setcap of %s to %" PRIx64 " failed: %s\n", + filename, parsed.capabilities, strerror(errno)); + bad++; + } + } + } + + return bad; +} + +// nftw doesn't allow us to pass along context, so we need to use +// global variables. *sigh* +static struct perm_parsed_args recursive_parsed_args; +static State* recursive_state; + +static int do_SetMetadataRecursive(const char* filename, const struct stat *statptr, + int fileflags, struct FTW *pfwt) { + return ApplyParsedPerms(recursive_state, filename, statptr, recursive_parsed_args); +} + +static Value* SetMetadataFn(const char* name, State* state, int argc, Expr* argv[]) { + int bad = 0; + struct stat sb; + Value* result = NULL; + + bool recursive = (strcmp(name, "set_metadata_recursive") == 0); + + if ((argc % 2) != 1) { + return ErrorAbort(state, "%s() expects an odd number of arguments, got %d", name, argc); + } + + char** args = ReadVarArgs(state, argc, argv); + if (args == NULL) return NULL; + + if (lstat(args[0], &sb) == -1) { + result = ErrorAbort(state, "%s: Error on lstat of \"%s\": %s", name, args[0], strerror(errno)); + goto done; + } + + { + struct perm_parsed_args parsed = ParsePermArgs(state, argc, args); + + if (recursive) { + recursive_parsed_args = parsed; + recursive_state = state; + bad += nftw(args[0], do_SetMetadataRecursive, 30, FTW_CHDIR | FTW_DEPTH | FTW_PHYS); + memset(&recursive_parsed_args, 0, sizeof(recursive_parsed_args)); + recursive_state = NULL; + } else { + bad += ApplyParsedPerms(state, args[0], &sb, parsed); + } + } + +done: + for (int i = 0; i < argc; ++i) { + free(args[i]); + } + free(args); + + if (result != NULL) { + return result; + } + + if (bad > 0) { + return ErrorAbort(state, "%s: some changes failed", name); + } + + return StringValue(strdup("")); +} + +Value* GetPropFn(const char* name, State* state, int argc, Expr* argv[]) { + if (argc != 1) { + return ErrorAbort(state, "%s() expects 1 arg, got %d", name, argc); + } + char* key = Evaluate(state, argv[0]); + if (key == NULL) return NULL; + + char value[PROPERTY_VALUE_MAX]; + property_get(key, value, ""); + free(key); + + return StringValue(strdup(value)); +} + + +// file_getprop(file, key) +// +// interprets 'file' as a getprop-style file (key=value pairs, one +// per line. # comment lines,blank lines, lines without '=' ignored), +// and returns the value for 'key' (or "" if it isn't defined). +Value* FileGetPropFn(const char* name, State* state, int argc, Expr* argv[]) { + char* result = NULL; + char* buffer = NULL; + char* filename; + char* key; + if (ReadArgs(state, argv, 2, &filename, &key) < 0) { + return NULL; + } + + struct stat st; + if (stat(filename, &st) < 0) { + ErrorAbort(state, "%s: failed to stat \"%s\": %s", name, filename, strerror(errno)); + goto done; + } + +#define MAX_FILE_GETPROP_SIZE 65536 + + if (st.st_size > MAX_FILE_GETPROP_SIZE) { + ErrorAbort(state, "%s too large for %s (max %d)", filename, name, MAX_FILE_GETPROP_SIZE); + goto done; + } + + buffer = reinterpret_cast(malloc(st.st_size+1)); + if (buffer == NULL) { + ErrorAbort(state, "%s: failed to alloc %lld bytes", name, (long long)st.st_size+1); + goto done; + } + + FILE* f; + f = fopen(filename, "rb"); + if (f == NULL) { + ErrorAbort(state, "%s: failed to open %s: %s", name, filename, strerror(errno)); + goto done; + } + + if (fread(buffer, 1, st.st_size, f) != st.st_size) { + ErrorAbort(state, "%s: failed to read %lld bytes from %s", + name, (long long)st.st_size+1, filename); + fclose(f); + goto done; + } + buffer[st.st_size] = '\0'; + + fclose(f); + + char* line; + line = strtok(buffer, "\n"); + do { + // skip whitespace at start of line + while (*line && isspace(*line)) ++line; + + // comment or blank line: skip to next line + if (*line == '\0' || *line == '#') continue; + + char* equal = strchr(line, '='); + if (equal == NULL) { + continue; + } + + // trim whitespace between key and '=' + char* key_end = equal-1; + while (key_end > line && isspace(*key_end)) --key_end; + key_end[1] = '\0'; + + // not the key we're looking for + if (strcmp(key, line) != 0) continue; + + // skip whitespace after the '=' to the start of the value + char* val_start = equal+1; + while(*val_start && isspace(*val_start)) ++val_start; + + // trim trailing whitespace + char* val_end = val_start + strlen(val_start)-1; + while (val_end > val_start && isspace(*val_end)) --val_end; + val_end[1] = '\0'; + + result = strdup(val_start); + break; + + } while ((line = strtok(NULL, "\n"))); + + if (result == NULL) result = strdup(""); + + done: + free(filename); + free(key); + free(buffer); + return StringValue(result); +} + +// write_raw_image(filename_or_blob, partition) +Value* WriteRawImageFn(const char* name, State* state, int argc, Expr* argv[]) { + char* result = NULL; + + Value* partition_value; + Value* contents; + if (ReadValueArgs(state, argv, 2, &contents, &partition_value) < 0) { + return NULL; + } + + char* partition = NULL; + if (partition_value->type != VAL_STRING) { + ErrorAbort(state, "partition argument to %s must be string", name); + goto done; + } + partition = partition_value->data; + if (strlen(partition) == 0) { + ErrorAbort(state, "partition argument to %s can't be empty", name); + goto done; + } + if (contents->type == VAL_STRING && strlen((char*) contents->data) == 0) { + ErrorAbort(state, "file argument to %s can't be empty", name); + goto done; + } + + mtd_scan_partitions(); + const MtdPartition* mtd; + mtd = mtd_find_partition_by_name(partition); + if (mtd == NULL) { + printf("%s: no mtd partition named \"%s\"\n", name, partition); + result = strdup(""); + goto done; + } + + MtdWriteContext* ctx; + ctx = mtd_write_partition(mtd); + if (ctx == NULL) { + printf("%s: can't write mtd partition \"%s\"\n", + name, partition); + result = strdup(""); + goto done; + } + + bool success; + + if (contents->type == VAL_STRING) { + // we're given a filename as the contents + char* filename = contents->data; + FILE* f = fopen(filename, "rb"); + if (f == NULL) { + printf("%s: can't open %s: %s\n", name, filename, strerror(errno)); + result = strdup(""); + goto done; + } + + success = true; + char* buffer = reinterpret_cast(malloc(BUFSIZ)); + int read; + while (success && (read = fread(buffer, 1, BUFSIZ, f)) > 0) { + int wrote = mtd_write_data(ctx, buffer, read); + success = success && (wrote == read); + } + free(buffer); + fclose(f); + } else { + // we're given a blob as the contents + ssize_t wrote = mtd_write_data(ctx, contents->data, contents->size); + success = (wrote == contents->size); + } + if (!success) { + printf("mtd_write_data to %s failed: %s\n", + partition, strerror(errno)); + } + + if (mtd_erase_blocks(ctx, -1) == -1) { + printf("%s: error erasing blocks of %s\n", name, partition); + } + if (mtd_write_close(ctx) != 0) { + printf("%s: error closing write of %s\n", name, partition); + } + + printf("%s %s partition\n", + success ? "wrote" : "failed to write", partition); + + result = success ? partition : strdup(""); + +done: + if (result != partition) FreeValue(partition_value); + FreeValue(contents); + return StringValue(result); +} + +// apply_patch_space(bytes) +Value* ApplyPatchSpaceFn(const char* name, State* state, + int argc, Expr* argv[]) { + char* bytes_str; + if (ReadArgs(state, argv, 1, &bytes_str) < 0) { + return NULL; + } + + char* endptr; + size_t bytes = strtol(bytes_str, &endptr, 10); + if (bytes == 0 && endptr == bytes_str) { + ErrorAbort(state, "%s(): can't parse \"%s\" as byte count\n\n", name, bytes_str); + free(bytes_str); + return NULL; + } + + return StringValue(strdup(CacheSizeCheck(bytes) ? "" : "t")); +} + +// apply_patch(file, size, init_sha1, tgt_sha1, patch) + +Value* ApplyPatchFn(const char* name, State* state, int argc, Expr* argv[]) { + if (argc < 6 || (argc % 2) == 1) { + return ErrorAbort(state, "%s(): expected at least 6 args and an " + "even number, got %d", + name, argc); + } + + char* source_filename; + char* target_filename; + char* target_sha1; + char* target_size_str; + if (ReadArgs(state, argv, 4, &source_filename, &target_filename, + &target_sha1, &target_size_str) < 0) { + return NULL; + } + + char* endptr; + size_t target_size = strtol(target_size_str, &endptr, 10); + if (target_size == 0 && endptr == target_size_str) { + ErrorAbort(state, "%s(): can't parse \"%s\" as byte count", + name, target_size_str); + free(source_filename); + free(target_filename); + free(target_sha1); + free(target_size_str); + return NULL; + } + + int patchcount = (argc-4) / 2; + Value** patches = ReadValueVarArgs(state, argc-4, argv+4); + + int i; + for (i = 0; i < patchcount; ++i) { + if (patches[i*2]->type != VAL_STRING) { + ErrorAbort(state, "%s(): sha-1 #%d is not string", name, i); + break; + } + if (patches[i*2+1]->type != VAL_BLOB) { + ErrorAbort(state, "%s(): patch #%d is not blob", name, i); + break; + } + } + if (i != patchcount) { + for (i = 0; i < patchcount*2; ++i) { + FreeValue(patches[i]); + } + free(patches); + return NULL; + } + + char** patch_sha_str = reinterpret_cast(malloc(patchcount * sizeof(char*))); + for (i = 0; i < patchcount; ++i) { + patch_sha_str[i] = patches[i*2]->data; + patches[i*2]->data = NULL; + FreeValue(patches[i*2]); + patches[i] = patches[i*2+1]; + } + + int result = applypatch(source_filename, target_filename, + target_sha1, target_size, + patchcount, patch_sha_str, patches, NULL); + + for (i = 0; i < patchcount; ++i) { + FreeValue(patches[i]); + } + free(patch_sha_str); + free(patches); + + return StringValue(strdup(result == 0 ? "t" : "")); +} + +// apply_patch_check(file, [sha1_1, ...]) +Value* ApplyPatchCheckFn(const char* name, State* state, + int argc, Expr* argv[]) { + if (argc < 1) { + return ErrorAbort(state, "%s(): expected at least 1 arg, got %d", + name, argc); + } + + char* filename; + if (ReadArgs(state, argv, 1, &filename) < 0) { + return NULL; + } + + int patchcount = argc-1; + char** sha1s = ReadVarArgs(state, argc-1, argv+1); + + int result = applypatch_check(filename, patchcount, sha1s); + + int i; + for (i = 0; i < patchcount; ++i) { + free(sha1s[i]); + } + free(sha1s); + + return StringValue(strdup(result == 0 ? "t" : "")); +} + +Value* UIPrintFn(const char* name, State* state, int argc, Expr* argv[]) { + char** args = ReadVarArgs(state, argc, argv); + if (args == NULL) { + return NULL; + } + + int size = 0; + int i; + for (i = 0; i < argc; ++i) { + size += strlen(args[i]); + } + char* buffer = reinterpret_cast(malloc(size+1)); + size = 0; + for (i = 0; i < argc; ++i) { + strcpy(buffer+size, args[i]); + size += strlen(args[i]); + free(args[i]); + } + free(args); + buffer[size] = '\0'; + uiPrint(state, buffer); + return StringValue(buffer); +} + +Value* WipeCacheFn(const char* name, State* state, int argc, Expr* argv[]) { + if (argc != 0) { + return ErrorAbort(state, "%s() expects no args, got %d", name, argc); + } + fprintf(((UpdaterInfo*)(state->cookie))->cmd_pipe, "wipe_cache\n"); + return StringValue(strdup("t")); +} + +Value* RunProgramFn(const char* name, State* state, int argc, Expr* argv[]) { + if (argc < 1) { + return ErrorAbort(state, "%s() expects at least 1 arg", name); + } + char** args = ReadVarArgs(state, argc, argv); + if (args == NULL) { + return NULL; + } + + char** args2 = reinterpret_cast(malloc(sizeof(char*) * (argc+1))); + memcpy(args2, args, sizeof(char*) * argc); + args2[argc] = NULL; + + printf("about to run program [%s] with %d args\n", args2[0], argc); + + pid_t child = fork(); + if (child == 0) { + execv(args2[0], args2); + printf("run_program: execv failed: %s\n", strerror(errno)); + _exit(1); + } + int status; + waitpid(child, &status, 0); + if (WIFEXITED(status)) { + if (WEXITSTATUS(status) != 0) { + printf("run_program: child exited with status %d\n", + WEXITSTATUS(status)); + } + } else if (WIFSIGNALED(status)) { + printf("run_program: child terminated by signal %d\n", + WTERMSIG(status)); + } + + int i; + for (i = 0; i < argc; ++i) { + free(args[i]); + } + free(args); + free(args2); + + char buffer[20]; + sprintf(buffer, "%d", status); + + return StringValue(strdup(buffer)); +} + +// sha1_check(data) +// to return the sha1 of the data (given in the format returned by +// read_file). +// +// sha1_check(data, sha1_hex, [sha1_hex, ...]) +// returns the sha1 of the file if it matches any of the hex +// strings passed, or "" if it does not equal any of them. +// +Value* Sha1CheckFn(const char* name, State* state, int argc, Expr* argv[]) { + if (argc < 1) { + return ErrorAbort(state, "%s() expects at least 1 arg", name); + } + + Value** args = ReadValueVarArgs(state, argc, argv); + if (args == NULL) { + return NULL; + } + + if (args[0]->size < 0) { + return StringValue(strdup("")); + } + uint8_t digest[SHA_DIGEST_SIZE]; + SHA_hash(args[0]->data, args[0]->size, digest); + FreeValue(args[0]); + + if (argc == 1) { + return StringValue(PrintSha1(digest)); + } + + int i; + uint8_t* arg_digest = reinterpret_cast(malloc(SHA_DIGEST_SIZE)); + for (i = 1; i < argc; ++i) { + if (args[i]->type != VAL_STRING) { + printf("%s(): arg %d is not a string; skipping", + name, i); + } else if (ParseSha1(args[i]->data, arg_digest) != 0) { + // Warn about bad args and skip them. + printf("%s(): error parsing \"%s\" as sha-1; skipping", + name, args[i]->data); + } else if (memcmp(digest, arg_digest, SHA_DIGEST_SIZE) == 0) { + break; + } + FreeValue(args[i]); + } + if (i >= argc) { + // Didn't match any of the hex strings; return false. + return StringValue(strdup("")); + } + // Found a match; free all the remaining arguments and return the + // matched one. + int j; + for (j = i+1; j < argc; ++j) { + FreeValue(args[j]); + } + return args[i]; +} + +// Read a local file and return its contents (the Value* returned +// is actually a FileContents*). +Value* ReadFileFn(const char* name, State* state, int argc, Expr* argv[]) { + if (argc != 1) { + return ErrorAbort(state, "%s() expects 1 arg, got %d", name, argc); + } + char* filename; + if (ReadArgs(state, argv, 1, &filename) < 0) return NULL; + + Value* v = reinterpret_cast(malloc(sizeof(Value))); + v->type = VAL_BLOB; + + FileContents fc; + if (LoadFileContents(filename, &fc) != 0) { + free(filename); + v->size = -1; + v->data = NULL; + free(fc.data); + return v; + } + + v->size = fc.size; + v->data = (char*)fc.data; + + free(filename); + return v; +} + +// Immediately reboot the device. Recovery is not finished normally, +// so if you reboot into recovery it will re-start applying the +// current package (because nothing has cleared the copy of the +// arguments stored in the BCB). +// +// The argument is the partition name passed to the android reboot +// property. It can be "recovery" to boot from the recovery +// partition, or "" (empty string) to boot from the regular boot +// partition. +Value* RebootNowFn(const char* name, State* state, int argc, Expr* argv[]) { + if (argc != 2) { + return ErrorAbort(state, "%s() expects 2 args, got %d", name, argc); + } + + char* filename; + char* property; + if (ReadArgs(state, argv, 2, &filename, &property) < 0) return NULL; + + char buffer[80]; + + // zero out the 'command' field of the bootloader message. + memset(buffer, 0, sizeof(((struct bootloader_message*)0)->command)); + FILE* f = fopen(filename, "r+b"); + fseek(f, offsetof(struct bootloader_message, command), SEEK_SET); + fwrite(buffer, sizeof(((struct bootloader_message*)0)->command), 1, f); + fclose(f); + free(filename); + + strcpy(buffer, "reboot,"); + if (property != NULL) { + strncat(buffer, property, sizeof(buffer)-10); + } + + property_set(ANDROID_RB_PROPERTY, buffer); + + sleep(5); + free(property); + ErrorAbort(state, "%s() failed to reboot", name); + return NULL; +} + +// Store a string value somewhere that future invocations of recovery +// can access it. This value is called the "stage" and can be used to +// drive packages that need to do reboots in the middle of +// installation and keep track of where they are in the multi-stage +// install. +// +// The first argument is the block device for the misc partition +// ("/misc" in the fstab), which is where this value is stored. The +// second argument is the string to store; it should not exceed 31 +// bytes. +Value* SetStageFn(const char* name, State* state, int argc, Expr* argv[]) { + if (argc != 2) { + return ErrorAbort(state, "%s() expects 2 args, got %d", name, argc); + } + + char* filename; + char* stagestr; + if (ReadArgs(state, argv, 2, &filename, &stagestr) < 0) return NULL; + + // Store this value in the misc partition, immediately after the + // bootloader message that the main recovery uses to save its + // arguments in case of the device restarting midway through + // package installation. + FILE* f = fopen(filename, "r+b"); + fseek(f, offsetof(struct bootloader_message, stage), SEEK_SET); + int to_write = strlen(stagestr)+1; + int max_size = sizeof(((struct bootloader_message*)0)->stage); + if (to_write > max_size) { + to_write = max_size; + stagestr[max_size-1] = 0; + } + fwrite(stagestr, to_write, 1, f); + fclose(f); + + free(stagestr); + return StringValue(filename); +} + +// Return the value most recently saved with SetStageFn. The argument +// is the block device for the misc partition. +Value* GetStageFn(const char* name, State* state, int argc, Expr* argv[]) { + if (argc != 1) { + return ErrorAbort(state, "%s() expects 1 arg, got %d", name, argc); + } + + char* filename; + if (ReadArgs(state, argv, 1, &filename) < 0) return NULL; + + char buffer[sizeof(((struct bootloader_message*)0)->stage)]; + FILE* f = fopen(filename, "rb"); + fseek(f, offsetof(struct bootloader_message, stage), SEEK_SET); + fread(buffer, sizeof(buffer), 1, f); + fclose(f); + buffer[sizeof(buffer)-1] = '\0'; + + return StringValue(strdup(buffer)); +} + +Value* WipeBlockDeviceFn(const char* name, State* state, int argc, Expr* argv[]) { + if (argc != 2) { + return ErrorAbort(state, "%s() expects 2 args, got %d", name, argc); + } + + char* filename; + char* len_str; + if (ReadArgs(state, argv, 2, &filename, &len_str) < 0) return NULL; + + size_t len = strtoull(len_str, NULL, 0); + int fd = open(filename, O_WRONLY, 0644); + int success = wipe_block_device(fd, len); + + free(filename); + free(len_str); + + close(fd); + + return StringValue(strdup(success ? "t" : "")); +} + +Value* EnableRebootFn(const char* name, State* state, int argc, Expr* argv[]) { + if (argc != 0) { + return ErrorAbort(state, "%s() expects no args, got %d", name, argc); + } + UpdaterInfo* ui = (UpdaterInfo*)(state->cookie); + fprintf(ui->cmd_pipe, "enable_reboot\n"); + return StringValue(strdup("t")); +} + +Value* Tune2FsFn(const char* name, State* state, int argc, Expr* argv[]) { + if (argc == 0) { + return ErrorAbort(state, "%s() expects args, got %d", name, argc); + } + + char** args = ReadVarArgs(state, argc, argv); + if (args == NULL) { + return ErrorAbort(state, "%s() could not read args", name); + } + + char** args2 = reinterpret_cast(malloc(sizeof(char*) * (argc+1))); + // Tune2fs expects the program name as its args[0] + args2[0] = strdup(name); + for (int i = 0; i < argc; ++i) { + args2[i + 1] = args[i]; + } + int result = tune2fs_main(argc + 1, args2); + for (int i = 0; i < argc; ++i) { + free(args[i]); + } + free(args); + + free(args2[0]); + free(args2); + if (result != 0) { + return ErrorAbort(state, "%s() returned error code %d", name, result); + } + return StringValue(strdup("t")); +} + +void RegisterInstallFunctions() { + RegisterFunction("mount", MountFn); + RegisterFunction("is_mounted", IsMountedFn); + RegisterFunction("unmount", UnmountFn); + RegisterFunction("format", FormatFn); + RegisterFunction("show_progress", ShowProgressFn); + RegisterFunction("set_progress", SetProgressFn); + RegisterFunction("delete", DeleteFn); + RegisterFunction("delete_recursive", DeleteFn); + RegisterFunction("package_extract_dir", PackageExtractDirFn); + RegisterFunction("package_extract_file", PackageExtractFileFn); + RegisterFunction("symlink", SymlinkFn); + + // Usage: + // set_metadata("filename", "key1", "value1", "key2", "value2", ...) + // Example: + // set_metadata("/system/bin/netcfg", "uid", 0, "gid", 3003, "mode", 02750, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0); + RegisterFunction("set_metadata", SetMetadataFn); + + // Usage: + // set_metadata_recursive("dirname", "key1", "value1", "key2", "value2", ...) + // Example: + // set_metadata_recursive("/system", "uid", 0, "gid", 0, "fmode", 0644, "dmode", 0755, "selabel", "u:object_r:system_file:s0", "capabilities", 0x0); + RegisterFunction("set_metadata_recursive", SetMetadataFn); + + RegisterFunction("getprop", GetPropFn); + RegisterFunction("file_getprop", FileGetPropFn); + RegisterFunction("write_raw_image", WriteRawImageFn); + + RegisterFunction("apply_patch", ApplyPatchFn); + RegisterFunction("apply_patch_check", ApplyPatchCheckFn); + RegisterFunction("apply_patch_space", ApplyPatchSpaceFn); + + RegisterFunction("wipe_block_device", WipeBlockDeviceFn); + + RegisterFunction("read_file", ReadFileFn); + RegisterFunction("sha1_check", Sha1CheckFn); + RegisterFunction("rename", RenameFn); + + RegisterFunction("wipe_cache", WipeCacheFn); + + RegisterFunction("ui_print", UIPrintFn); + + RegisterFunction("run_program", RunProgramFn); + + RegisterFunction("reboot_now", RebootNowFn); + RegisterFunction("get_stage", GetStageFn); + RegisterFunction("set_stage", SetStageFn); + + RegisterFunction("enable_reboot", EnableRebootFn); + RegisterFunction("tune2fs", Tune2FsFn); +} diff --git a/updater/updater.c b/updater/updater.c deleted file mode 100644 index 661f69587..000000000 --- a/updater/updater.c +++ /dev/null @@ -1,169 +0,0 @@ -/* - * Copyright (C) 2009 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include -#include -#include -#include - -#include "edify/expr.h" -#include "updater.h" -#include "install.h" -#include "blockimg.h" -#include "minzip/Zip.h" -#include "minzip/SysUtil.h" - -// Generated by the makefile, this function defines the -// RegisterDeviceExtensions() function, which calls all the -// registration functions for device-specific extensions. -#include "register.inc" - -// Where in the package we expect to find the edify script to execute. -// (Note it's "updateR-script", not the older "update-script".) -#define SCRIPT_NAME "META-INF/com/google/android/updater-script" - -struct selabel_handle *sehandle; - -int main(int argc, char** argv) { - // Various things log information to stdout or stderr more or less - // at random (though we've tried to standardize on stdout). The - // log file makes more sense if buffering is turned off so things - // appear in the right order. - setbuf(stdout, NULL); - setbuf(stderr, NULL); - - if (argc != 4) { - printf("unexpected number of arguments (%d)\n", argc); - return 1; - } - - char* version = argv[1]; - if ((version[0] != '1' && version[0] != '2' && version[0] != '3') || - version[1] != '\0') { - // We support version 1, 2, or 3. - printf("wrong updater binary API; expected 1, 2, or 3; " - "got %s\n", - argv[1]); - return 2; - } - - // Set up the pipe for sending commands back to the parent process. - - int fd = atoi(argv[2]); - FILE* cmd_pipe = fdopen(fd, "wb"); - setlinebuf(cmd_pipe); - - // Extract the script from the package. - - const char* package_filename = argv[3]; - MemMapping map; - if (sysMapFile(package_filename, &map) != 0) { - printf("failed to map package %s\n", argv[3]); - return 3; - } - ZipArchive za; - int err; - err = mzOpenZipArchive(map.addr, map.length, &za); - if (err != 0) { - printf("failed to open package %s: %s\n", - argv[3], strerror(err)); - return 3; - } - - const ZipEntry* script_entry = mzFindZipEntry(&za, SCRIPT_NAME); - if (script_entry == NULL) { - printf("failed to find %s in %s\n", SCRIPT_NAME, package_filename); - return 4; - } - - char* script = malloc(script_entry->uncompLen+1); - if (!mzReadZipEntry(&za, script_entry, script, script_entry->uncompLen)) { - printf("failed to read script from package\n"); - return 5; - } - script[script_entry->uncompLen] = '\0'; - - // Configure edify's functions. - - RegisterBuiltins(); - RegisterInstallFunctions(); - RegisterBlockImageFunctions(); - RegisterDeviceExtensions(); - FinishRegistration(); - - // Parse the script. - - Expr* root; - int error_count = 0; - int error = parse_string(script, &root, &error_count); - if (error != 0 || error_count > 0) { - printf("%d parse errors\n", error_count); - return 6; - } - - struct selinux_opt seopts[] = { - { SELABEL_OPT_PATH, "/file_contexts" } - }; - - sehandle = selabel_open(SELABEL_CTX_FILE, seopts, 1); - - if (!sehandle) { - fprintf(cmd_pipe, "ui_print Warning: No file_contexts\n"); - } - - // Evaluate the parsed script. - - UpdaterInfo updater_info; - updater_info.cmd_pipe = cmd_pipe; - updater_info.package_zip = &za; - updater_info.version = atoi(version); - updater_info.package_zip_addr = map.addr; - updater_info.package_zip_len = map.length; - - State state; - state.cookie = &updater_info; - state.script = script; - state.errmsg = NULL; - - char* result = Evaluate(&state, root); - if (result == NULL) { - if (state.errmsg == NULL) { - printf("script aborted (no error message)\n"); - fprintf(cmd_pipe, "ui_print script aborted (no error message)\n"); - } else { - printf("script aborted: %s\n", state.errmsg); - char* line = strtok(state.errmsg, "\n"); - while (line) { - fprintf(cmd_pipe, "ui_print %s\n", line); - line = strtok(NULL, "\n"); - } - fprintf(cmd_pipe, "ui_print\n"); - } - free(state.errmsg); - return 7; - } else { - fprintf(cmd_pipe, "ui_print script succeeded: result was [%s]\n", result); - free(result); - } - - if (updater_info.package_zip) { - mzCloseZipArchive(updater_info.package_zip); - } - sysReleaseMap(&map); - free(script); - - return 0; -} diff --git a/updater/updater.cpp b/updater/updater.cpp new file mode 100644 index 000000000..0f22e6d04 --- /dev/null +++ b/updater/updater.cpp @@ -0,0 +1,169 @@ +/* + * Copyright (C) 2009 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include + +#include "edify/expr.h" +#include "updater.h" +#include "install.h" +#include "blockimg.h" +#include "minzip/Zip.h" +#include "minzip/SysUtil.h" + +// Generated by the makefile, this function defines the +// RegisterDeviceExtensions() function, which calls all the +// registration functions for device-specific extensions. +#include "register.inc" + +// Where in the package we expect to find the edify script to execute. +// (Note it's "updateR-script", not the older "update-script".) +#define SCRIPT_NAME "META-INF/com/google/android/updater-script" + +struct selabel_handle *sehandle; + +int main(int argc, char** argv) { + // Various things log information to stdout or stderr more or less + // at random (though we've tried to standardize on stdout). The + // log file makes more sense if buffering is turned off so things + // appear in the right order. + setbuf(stdout, NULL); + setbuf(stderr, NULL); + + if (argc != 4) { + printf("unexpected number of arguments (%d)\n", argc); + return 1; + } + + char* version = argv[1]; + if ((version[0] != '1' && version[0] != '2' && version[0] != '3') || + version[1] != '\0') { + // We support version 1, 2, or 3. + printf("wrong updater binary API; expected 1, 2, or 3; " + "got %s\n", + argv[1]); + return 2; + } + + // Set up the pipe for sending commands back to the parent process. + + int fd = atoi(argv[2]); + FILE* cmd_pipe = fdopen(fd, "wb"); + setlinebuf(cmd_pipe); + + // Extract the script from the package. + + const char* package_filename = argv[3]; + MemMapping map; + if (sysMapFile(package_filename, &map) != 0) { + printf("failed to map package %s\n", argv[3]); + return 3; + } + ZipArchive za; + int err; + err = mzOpenZipArchive(map.addr, map.length, &za); + if (err != 0) { + printf("failed to open package %s: %s\n", + argv[3], strerror(err)); + return 3; + } + + const ZipEntry* script_entry = mzFindZipEntry(&za, SCRIPT_NAME); + if (script_entry == NULL) { + printf("failed to find %s in %s\n", SCRIPT_NAME, package_filename); + return 4; + } + + char* script = reinterpret_cast(malloc(script_entry->uncompLen+1)); + if (!mzReadZipEntry(&za, script_entry, script, script_entry->uncompLen)) { + printf("failed to read script from package\n"); + return 5; + } + script[script_entry->uncompLen] = '\0'; + + // Configure edify's functions. + + RegisterBuiltins(); + RegisterInstallFunctions(); + RegisterBlockImageFunctions(); + RegisterDeviceExtensions(); + FinishRegistration(); + + // Parse the script. + + Expr* root; + int error_count = 0; + int error = parse_string(script, &root, &error_count); + if (error != 0 || error_count > 0) { + printf("%d parse errors\n", error_count); + return 6; + } + + struct selinux_opt seopts[] = { + { SELABEL_OPT_PATH, "/file_contexts" } + }; + + sehandle = selabel_open(SELABEL_CTX_FILE, seopts, 1); + + if (!sehandle) { + fprintf(cmd_pipe, "ui_print Warning: No file_contexts\n"); + } + + // Evaluate the parsed script. + + UpdaterInfo updater_info; + updater_info.cmd_pipe = cmd_pipe; + updater_info.package_zip = &za; + updater_info.version = atoi(version); + updater_info.package_zip_addr = map.addr; + updater_info.package_zip_len = map.length; + + State state; + state.cookie = &updater_info; + state.script = script; + state.errmsg = NULL; + + char* result = Evaluate(&state, root); + if (result == NULL) { + if (state.errmsg == NULL) { + printf("script aborted (no error message)\n"); + fprintf(cmd_pipe, "ui_print script aborted (no error message)\n"); + } else { + printf("script aborted: %s\n", state.errmsg); + char* line = strtok(state.errmsg, "\n"); + while (line) { + fprintf(cmd_pipe, "ui_print %s\n", line); + line = strtok(NULL, "\n"); + } + fprintf(cmd_pipe, "ui_print\n"); + } + free(state.errmsg); + return 7; + } else { + fprintf(cmd_pipe, "ui_print script succeeded: result was [%s]\n", result); + free(result); + } + + if (updater_info.package_zip) { + mzCloseZipArchive(updater_info.package_zip); + } + sysReleaseMap(&map); + free(script); + + return 0; +} -- cgit v1.2.3 From ba8a6789f735bb74443a3c8670ff3d21781c96db Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Fri, 17 Jul 2015 13:39:52 -0700 Subject: updater: libapplypatch needs libbase now. Change-Id: I18da9e6da64fccab495dc5a96e3efd95cc6d88bf (cherry picked from commit 1b1ea17d554d127a970afe1d6004dd4627cd596e) --- updater/Android.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'updater') diff --git a/updater/Android.mk b/updater/Android.mk index 0d4179b23..82fa7e265 100644 --- a/updater/Android.mk +++ b/updater/Android.mk @@ -44,7 +44,7 @@ LOCAL_STATIC_LIBRARIES += \ endif LOCAL_STATIC_LIBRARIES += $(TARGET_RECOVERY_UPDATER_LIBS) $(TARGET_RECOVERY_UPDATER_EXTRA_LIBS) -LOCAL_STATIC_LIBRARIES += libapplypatch libedify libmtdutils libminzip libz +LOCAL_STATIC_LIBRARIES += libapplypatch libbase libedify libmtdutils libminzip libz LOCAL_STATIC_LIBRARIES += libmincrypt libbz LOCAL_STATIC_LIBRARIES += libcutils liblog libc LOCAL_STATIC_LIBRARIES += libselinux -- cgit v1.2.3 From 187efff6f37bd6bd3ddae816a847afd16ff06c1d Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Mon, 27 Jul 2015 14:07:08 -0700 Subject: updater: Hoist fsync() to outer loop. Currently the fsync() inside write_all() may be called multiple times when performing a command. Move that to the outer loop and call it only after completing the command. Also remove the O_SYNC flag when writing a stash. Change-Id: I71e51d76051a2f7f504eef1aa585d2cb7a000d80 --- updater/blockimg.cpp | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index 258d97552..77117db05 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -192,11 +192,6 @@ static int write_all(int fd, const uint8_t* data, size_t size) { written += w; } - if (fsync(fd) == -1) { - fprintf(stderr, "fsync failed: %s\n", strerror(errno)); - return -1; - } - return 0; } @@ -728,7 +723,7 @@ static int WriteStash(const char* base, const char* id, int blocks, uint8_t* buf fprintf(stderr, " writing %d blocks to %s\n", blocks, cn); - fd = TEMP_FAILURE_RETRY(open(fn, O_WRONLY | O_CREAT | O_TRUNC | O_SYNC, STASH_FILE_MODE)); + fd = TEMP_FAILURE_RETRY(open(fn, O_WRONLY | O_CREAT | O_TRUNC, STASH_FILE_MODE)); if (fd == -1) { fprintf(stderr, "failed to create \"%s\": %s\n", fn, strerror(errno)); @@ -1762,6 +1757,10 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int argc, } if (params.canwrite) { + if (fsync(params.fd) == -1) { + fprintf(stderr, "fsync failed: %s\n", strerror(errno)); + goto pbiudone; + } fprintf(cmd_pipe, "set_progress %.4f\n", (double) params.written / total_blocks); fflush(cmd_pipe); } -- cgit v1.2.3 From dc3922622a94af4f6412fd68e8f075f839ab2348 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Fri, 31 Jul 2015 15:56:44 -0700 Subject: udpater: Call fsync() after rename(). We need to ensure the renamed filename reaches the underlying storage. Bug: 22840552 Change-Id: Ide2e753a2038691d472b6ee173cbf68ac998a084 --- updater/blockimg.cpp | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index 77117db05..a7821f362 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -19,6 +19,7 @@ #include #include #include +#include #include #include #include @@ -686,6 +687,7 @@ static int WriteStash(const char* base, const char* id, int blocks, uint8_t* buf char *cn = NULL; int fd = -1; int rc = -1; + int dfd = -1; int res; struct stat st; @@ -744,6 +746,20 @@ static int WriteStash(const char* base, const char* id, int blocks, uint8_t* buf goto wsout; } + const char* dname; + dname = dirname(cn); + dfd = TEMP_FAILURE_RETRY(open(dname, O_RDONLY | O_DIRECTORY)); + + if (dfd == -1) { + fprintf(stderr, "failed to open \"%s\" failed: %s\n", dname, strerror(errno)); + goto wsout; + } + + if (fsync(dfd) == -1) { + fprintf(stderr, "fsync \"%s\" failed: %s\n", dname, strerror(errno)); + goto wsout; + } + rc = 0; wsout: @@ -751,6 +767,10 @@ wsout: close(fd); } + if (dfd != -1) { + close(dfd); + } + if (fn) { free(fn); } -- cgit v1.2.3 From e6aa3326c1dbebac95eebc320d2c419f0ae9f9b9 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Wed, 5 Aug 2015 15:20:27 -0700 Subject: updater: Clean up char* with std::string. So we can remove a few free()s. And also replace a few pointers with references. Change-Id: I4b6332216704f4f9ea4a044b8d4bb7aa42a7ef26 --- updater/blockimg.cpp | 402 ++++++++++++++++++--------------------------------- 1 file changed, 141 insertions(+), 261 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index a7821f362..3a07da404 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -19,7 +19,6 @@ #include #include #include -#include #include #include #include @@ -33,11 +32,17 @@ #include #include +#include +#include + +#include + #include "applypatch/applypatch.h" #include "edify/expr.h" #include "mincrypt/sha.h" #include "minzip/Hash.h" #include "updater.h" +#include "print_sha1.h" #define BLOCKSIZE 4096 @@ -50,8 +55,6 @@ #define STASH_DIRECTORY_MODE 0700 #define STASH_FILE_MODE 0600 -char* PrintSha1(const uint8_t* digest); - typedef struct { int count; int size; @@ -145,28 +148,22 @@ err: exit(1); } -static int range_overlaps(RangeSet* r1, RangeSet* r2) { - int i, j, r1_0, r1_1, r2_0, r2_1; - - if (!r1 || !r2) { - return 0; - } - - for (i = 0; i < r1->count; ++i) { - r1_0 = r1->pos[i * 2]; - r1_1 = r1->pos[i * 2 + 1]; +static bool range_overlaps(const RangeSet& r1, const RangeSet& r2) { + for (int i = 0; i < r1.count; ++i) { + int r1_0 = r1.pos[i * 2]; + int r1_1 = r1.pos[i * 2 + 1]; - for (j = 0; j < r2->count; ++j) { - r2_0 = r2->pos[j * 2]; - r2_1 = r2->pos[j * 2 + 1]; + for (int j = 0; j < r2.count; ++j) { + int r2_0 = r2.pos[j * 2]; + int r2_1 = r2.pos[j * 2 + 1]; if (!(r2_0 >= r1_1 || r1_0 >= r2_1)) { - return 1; + return true; } } } - return 0; + return false; } static int read_all(int fd, uint8_t* data, size_t size) { @@ -405,7 +402,7 @@ static int WriteBlocks(RangeSet* tgt, uint8_t* buffer, int fd) { // in *tgt, if tgt is non-NULL. static int LoadSrcTgtVersion1(char** wordsave, RangeSet** tgt, int* src_blocks, - uint8_t** buffer, size_t* buffer_alloc, int fd) { + uint8_t** buffer, size_t* buffer_alloc, int fd) { char* word; int rc; @@ -426,8 +423,7 @@ static int LoadSrcTgtVersion1(char** wordsave, RangeSet** tgt, int* src_blocks, } static int VerifyBlocks(const char *expected, const uint8_t *buffer, - size_t blocks, int printerror) { - char* hexdigest = NULL; + size_t blocks, bool printerror) { int rc = -1; uint8_t digest[SHA_DIGEST_SIZE]; @@ -436,128 +432,75 @@ static int VerifyBlocks(const char *expected, const uint8_t *buffer, } SHA_hash(buffer, blocks * BLOCKSIZE, digest); - hexdigest = PrintSha1(digest); - if (hexdigest != NULL) { - rc = strcmp(expected, hexdigest); + std::string hexdigest = print_sha1(digest); - if (rc != 0 && printerror) { - fprintf(stderr, "failed to verify blocks (expected %s, read %s)\n", - expected, hexdigest); - } + rc = hexdigest != std::string(expected); - free(hexdigest); + if (rc != 0 && printerror) { + fprintf(stderr, "failed to verify blocks (expected %s, read %s)\n", + expected, hexdigest.c_str()); } return rc; } -static char* GetStashFileName(const char* base, const char* id, const char* postfix) { - char* fn; - int len; - int res; - - if (base == NULL) { - return NULL; - } - - if (id == NULL) { - id = ""; - } - - if (postfix == NULL) { - postfix = ""; - } - - len = strlen(STASH_DIRECTORY_BASE) + 1 + strlen(base) + 1 + strlen(id) + strlen(postfix) + 1; - fn = reinterpret_cast(malloc(len)); - - if (fn == NULL) { - fprintf(stderr, "failed to malloc %d bytes for fn\n", len); - return NULL; +static std::string GetStashFileName(const std::string& base, const std::string id, + const std::string postfix) { + if (base.empty()) { + return ""; } - res = snprintf(fn, len, STASH_DIRECTORY_BASE "/%s/%s%s", base, id, postfix); - - if (res < 0 || res >= len) { - fprintf(stderr, "failed to format file name (return value %d)\n", res); - free(fn); - return NULL; - } + std::string fn(STASH_DIRECTORY_BASE); + fn += "/" + base + "/" + id + postfix; return fn; } -typedef void (*StashCallback)(const char*, void*); +typedef void (*StashCallback)(const std::string&, void*); // Does a best effort enumeration of stash files. Ignores possible non-file // items in the stash directory and continues despite of errors. Calls the // 'callback' function for each file and passes 'data' to the function as a // parameter. -static void EnumerateStash(const char* dirname, StashCallback callback, void* data) { - char* fn; - DIR* directory; - int len; - int res; - struct dirent* item; - - if (dirname == NULL || callback == NULL) { +static void EnumerateStash(const std::string& dirname, StashCallback callback, void* data) { + if (dirname.empty() || callback == NULL) { return; } - directory = opendir(dirname); + std::unique_ptr directory(opendir(dirname.c_str()), closedir); if (directory == NULL) { if (errno != ENOENT) { - fprintf(stderr, "opendir \"%s\" failed: %s\n", dirname, strerror(errno)); + fprintf(stderr, "opendir \"%s\" failed: %s\n", dirname.c_str(), strerror(errno)); } return; } - while ((item = readdir(directory)) != NULL) { + struct dirent* item; + while ((item = readdir(directory.get())) != NULL) { if (item->d_type != DT_REG) { continue; } - len = strlen(dirname) + 1 + strlen(item->d_name) + 1; - fn = reinterpret_cast(malloc(len)); - - if (fn == NULL) { - fprintf(stderr, "failed to malloc %d bytes for fn\n", len); - continue; - } - - res = snprintf(fn, len, "%s/%s", dirname, item->d_name); - - if (res < 0 || res >= len) { - fprintf(stderr, "failed to format file name (return value %d)\n", res); - free(fn); - continue; - } - + std::string fn = dirname + "/" + std::string(item->d_name); callback(fn, data); - free(fn); - } - - if (closedir(directory) == -1) { - fprintf(stderr, "closedir \"%s\" failed: %s\n", dirname, strerror(errno)); } } -static void UpdateFileSize(const char* fn, void* data) { - int* size = (int*) data; - struct stat st; - - if (!fn || !data) { +static void UpdateFileSize(const std::string& fn, void* data) { + if (fn.empty() || !data) { return; } - if (stat(fn, &st) == -1) { - fprintf(stderr, "stat \"%s\" failed: %s\n", fn, strerror(errno)); + struct stat st; + if (stat(fn.c_str(), &st) == -1) { + fprintf(stderr, "stat \"%s\" failed: %s\n", fn.c_str(), strerror(errno)); return; } + int* size = reinterpret_cast(data); *size += st.st_size; } @@ -565,57 +508,49 @@ static void UpdateFileSize(const char* fn, void* data) { // contains files. There is nothing we can do about unlikely, but possible // errors, so they are merely logged. -static void DeleteFile(const char* fn, void* data) { - if (fn) { - fprintf(stderr, "deleting %s\n", fn); +static void DeleteFile(const std::string& fn, void* data) { + if (!fn.empty()) { + fprintf(stderr, "deleting %s\n", fn.c_str()); - if (unlink(fn) == -1 && errno != ENOENT) { - fprintf(stderr, "unlink \"%s\" failed: %s\n", fn, strerror(errno)); + if (unlink(fn.c_str()) == -1 && errno != ENOENT) { + fprintf(stderr, "unlink \"%s\" failed: %s\n", fn.c_str(), strerror(errno)); } } } -static void DeletePartial(const char* fn, void* data) { - if (fn && strstr(fn, ".partial") != NULL) { +static void DeletePartial(const std::string& fn, void* data) { + if (android::base::EndsWith(fn, ".partial")) { DeleteFile(fn, data); } } -static void DeleteStash(const char* base) { - char* dirname; - - if (base == NULL) { +static void DeleteStash(const std::string& base) { + if (base.empty()) { return; } - dirname = GetStashFileName(base, NULL, NULL); + fprintf(stderr, "deleting stash %s\n", base.c_str()); - if (dirname == NULL) { - return; - } - - fprintf(stderr, "deleting stash %s\n", base); + std::string dirname = GetStashFileName(base, "", ""); EnumerateStash(dirname, DeleteFile, NULL); - if (rmdir(dirname) == -1) { + if (rmdir(dirname.c_str()) == -1) { if (errno != ENOENT && errno != ENOTDIR) { - fprintf(stderr, "rmdir \"%s\" failed: %s\n", dirname, strerror(errno)); + fprintf(stderr, "rmdir \"%s\" failed: %s\n", dirname.c_str(), strerror(errno)); } } - - free(dirname); } -static int LoadStash(const char* base, const char* id, int verify, int* blocks, uint8_t** buffer, - size_t* buffer_alloc, int printnoent) { - char *fn = NULL; +static int LoadStash(const std::string& base, const char* id, int verify, int* blocks, + uint8_t** buffer, size_t* buffer_alloc, bool printnoent) { + std::string fn; int blockcount = 0; int fd = -1; int rc = -1; int res; struct stat st; - if (!base || !id || !buffer || !buffer_alloc) { + if (base.empty() || !id || !buffer || !buffer_alloc) { goto lsout; } @@ -623,33 +558,29 @@ static int LoadStash(const char* base, const char* id, int verify, int* blocks, blocks = &blockcount; } - fn = GetStashFileName(base, id, NULL); + fn = GetStashFileName(base, std::string(id), ""); - if (fn == NULL) { - goto lsout; - } - - res = stat(fn, &st); + res = stat(fn.c_str(), &st); if (res == -1) { if (errno != ENOENT || printnoent) { - fprintf(stderr, "stat \"%s\" failed: %s\n", fn, strerror(errno)); + fprintf(stderr, "stat \"%s\" failed: %s\n", fn.c_str(), strerror(errno)); } goto lsout; } - fprintf(stderr, " loading %s\n", fn); + fprintf(stderr, " loading %s\n", fn.c_str()); if ((st.st_size % BLOCKSIZE) != 0) { fprintf(stderr, "%s size %" PRId64 " not multiple of block size %d", - fn, static_cast(st.st_size), BLOCKSIZE); + fn.c_str(), static_cast(st.st_size), BLOCKSIZE); goto lsout; } - fd = TEMP_FAILURE_RETRY(open(fn, O_RDONLY)); + fd = TEMP_FAILURE_RETRY(open(fn.c_str(), O_RDONLY)); if (fd == -1) { - fprintf(stderr, "open \"%s\" failed: %s\n", fn, strerror(errno)); + fprintf(stderr, "open \"%s\" failed: %s\n", fn.c_str(), strerror(errno)); goto lsout; } @@ -661,8 +592,8 @@ static int LoadStash(const char* base, const char* id, int verify, int* blocks, *blocks = st.st_size / BLOCKSIZE; - if (verify && VerifyBlocks(id, *buffer, *blocks, 1) != 0) { - fprintf(stderr, "unexpected contents in %s\n", fn); + if (verify && VerifyBlocks(id, *buffer, *blocks, true) != 0) { + fprintf(stderr, "unexpected contents in %s\n", fn.c_str()); DeleteFile(fn, NULL); goto lsout; } @@ -674,24 +605,21 @@ lsout: close(fd); } - if (fn) { - free(fn); - } - return rc; } -static int WriteStash(const char* base, const char* id, int blocks, uint8_t* buffer, - int checkspace, int *exists) { - char *fn = NULL; - char *cn = NULL; +static int WriteStash(const std::string& base, const char* id, int blocks, + uint8_t* buffer, bool checkspace, int *exists) { + std::string fn; + std::string cn; + std::string dname; int fd = -1; int rc = -1; int dfd = -1; int res; struct stat st; - if (base == NULL || buffer == NULL) { + if (base.empty() || buffer == NULL) { goto wsout; } @@ -700,21 +628,17 @@ static int WriteStash(const char* base, const char* id, int blocks, uint8_t* buf goto wsout; } - fn = GetStashFileName(base, id, ".partial"); - cn = GetStashFileName(base, id, NULL); - - if (fn == NULL || cn == NULL) { - goto wsout; - } + fn = GetStashFileName(base, std::string(id), ".partial"); + cn = GetStashFileName(base, std::string(id), ""); if (exists) { - res = stat(cn, &st); + res = stat(cn.c_str(), &st); if (res == 0) { // The file already exists and since the name is the hash of the contents, // it's safe to assume the contents are identical (accidental hash collisions // are unlikely) - fprintf(stderr, " skipping %d existing blocks in %s\n", blocks, cn); + fprintf(stderr, " skipping %d existing blocks in %s\n", blocks, cn.c_str()); *exists = 1; rc = 0; goto wsout; @@ -723,12 +647,12 @@ static int WriteStash(const char* base, const char* id, int blocks, uint8_t* buf *exists = 0; } - fprintf(stderr, " writing %d blocks to %s\n", blocks, cn); + fprintf(stderr, " writing %d blocks to %s\n", blocks, cn.c_str()); - fd = TEMP_FAILURE_RETRY(open(fn, O_WRONLY | O_CREAT | O_TRUNC, STASH_FILE_MODE)); + fd = TEMP_FAILURE_RETRY(open(fn.c_str(), O_WRONLY | O_CREAT | O_TRUNC, STASH_FILE_MODE)); if (fd == -1) { - fprintf(stderr, "failed to create \"%s\": %s\n", fn, strerror(errno)); + fprintf(stderr, "failed to create \"%s\": %s\n", fn.c_str(), strerror(errno)); goto wsout; } @@ -737,26 +661,26 @@ static int WriteStash(const char* base, const char* id, int blocks, uint8_t* buf } if (fsync(fd) == -1) { - fprintf(stderr, "fsync \"%s\" failed: %s\n", fn, strerror(errno)); + fprintf(stderr, "fsync \"%s\" failed: %s\n", fn.c_str(), strerror(errno)); goto wsout; } - if (rename(fn, cn) == -1) { - fprintf(stderr, "rename(\"%s\", \"%s\") failed: %s\n", fn, cn, strerror(errno)); + if (rename(fn.c_str(), cn.c_str()) == -1) { + fprintf(stderr, "rename(\"%s\", \"%s\") failed: %s\n", fn.c_str(), cn.c_str(), + strerror(errno)); goto wsout; } - const char* dname; - dname = dirname(cn); - dfd = TEMP_FAILURE_RETRY(open(dname, O_RDONLY | O_DIRECTORY)); + dname = GetStashFileName(base, "", ""); + dfd = TEMP_FAILURE_RETRY(open(dname.c_str(), O_RDONLY | O_DIRECTORY)); if (dfd == -1) { - fprintf(stderr, "failed to open \"%s\" failed: %s\n", dname, strerror(errno)); + fprintf(stderr, "failed to open \"%s\" failed: %s\n", dname.c_str(), strerror(errno)); goto wsout; } if (fsync(dfd) == -1) { - fprintf(stderr, "fsync \"%s\" failed: %s\n", dname, strerror(errno)); + fprintf(stderr, "fsync \"%s\" failed: %s\n", dname.c_str(), strerror(errno)); goto wsout; } @@ -771,14 +695,6 @@ wsout: close(dfd); } - if (fn) { - free(fn); - } - - if (cn) { - free(cn); - } - return rc; } @@ -786,103 +702,79 @@ wsout: // hash enough space for the expected amount of blocks we need to store. Returns // >0 if we created the directory, zero if it existed already, and <0 of failure. -static int CreateStash(State* state, int maxblocks, const char* blockdev, char** base) { - char* dirname = NULL; - const uint8_t* digest; - int rc = -1; - int res; - int size = 0; - SHA_CTX ctx; - struct stat st; - - if (blockdev == NULL || base == NULL) { - goto csout; +static int CreateStash(State* state, int maxblocks, const char* blockdev, + std::string& base) { + if (blockdev == NULL) { + return -1; } // Stash directory should be different for each partition to avoid conflicts // when updating multiple partitions at the same time, so we use the hash of // the block device name as the base directory + SHA_CTX ctx; SHA_init(&ctx); SHA_update(&ctx, blockdev, strlen(blockdev)); - digest = SHA_final(&ctx); - *base = PrintSha1(digest); - - if (*base == NULL) { - goto csout; - } + const uint8_t* digest = SHA_final(&ctx); + base = print_sha1(digest); - dirname = GetStashFileName(*base, NULL, NULL); - - if (dirname == NULL) { - goto csout; - } - - res = stat(dirname, &st); + std::string dirname = GetStashFileName(base, "", ""); + struct stat st; + int res = stat(dirname.c_str(), &st); if (res == -1 && errno != ENOENT) { - ErrorAbort(state, "stat \"%s\" failed: %s\n", dirname, strerror(errno)); - goto csout; + ErrorAbort(state, "stat \"%s\" failed: %s\n", dirname.c_str(), strerror(errno)); + return -1; } else if (res != 0) { - fprintf(stderr, "creating stash %s\n", dirname); - res = mkdir(dirname, STASH_DIRECTORY_MODE); + fprintf(stderr, "creating stash %s\n", dirname.c_str()); + res = mkdir(dirname.c_str(), STASH_DIRECTORY_MODE); if (res != 0) { - ErrorAbort(state, "mkdir \"%s\" failed: %s\n", dirname, strerror(errno)); - goto csout; + ErrorAbort(state, "mkdir \"%s\" failed: %s\n", dirname.c_str(), strerror(errno)); + return -1; } if (CacheSizeCheck(maxblocks * BLOCKSIZE) != 0) { ErrorAbort(state, "not enough space for stash\n"); - goto csout; + return -1; } - rc = 1; // Created directory - goto csout; + return 1; // Created directory } - fprintf(stderr, "using existing stash %s\n", dirname); + fprintf(stderr, "using existing stash %s\n", dirname.c_str()); // If the directory already exists, calculate the space already allocated to // stash files and check if there's enough for all required blocks. Delete any // partially completed stash files first. EnumerateStash(dirname, DeletePartial, NULL); + int size = 0; EnumerateStash(dirname, UpdateFileSize, &size); size = (maxblocks * BLOCKSIZE) - size; if (size > 0 && CacheSizeCheck(size) != 0) { ErrorAbort(state, "not enough space for stash (%d more needed)\n", size); - goto csout; - } - - rc = 0; // Using existing directory - -csout: - if (dirname) { - free(dirname); + return -1; } - return rc; + return 0; // Using existing directory } -static int SaveStash(const char* base, char** wordsave, uint8_t** buffer, size_t* buffer_alloc, - int fd, int usehash, int* isunresumable) { - char *id = NULL; - int blocks = 0; - +static int SaveStash(const std::string& base, char** wordsave, uint8_t** buffer, + size_t* buffer_alloc, int fd, int usehash, bool* isunresumable) { if (!wordsave || !buffer || !buffer_alloc || !isunresumable) { return -1; } - id = strtok_r(NULL, " ", wordsave); - + char *id = strtok_r(NULL, " ", wordsave); if (id == NULL) { fprintf(stderr, "missing id field in stash command\n"); return -1; } - if (usehash && LoadStash(base, id, 1, &blocks, buffer, buffer_alloc, 0) == 0) { + int blocks = 0; + if (usehash && LoadStash(base, id, 1, &blocks, buffer, buffer_alloc, false) == 0) { // Stash file already exists and has expected contents. Do not // read from source again, as the source may have been already // overwritten during a previous attempt. @@ -893,7 +785,7 @@ static int SaveStash(const char* base, char** wordsave, uint8_t** buffer, size_t return -1; } - if (usehash && VerifyBlocks(id, *buffer, blocks, 1) != 0) { + if (usehash && VerifyBlocks(id, *buffer, blocks, true) != 0) { // Source blocks have unexpected contents. If we actually need this // data later, this is an unrecoverable error. However, the command // that uses the data may have already completed previously, so the @@ -903,24 +795,17 @@ static int SaveStash(const char* base, char** wordsave, uint8_t** buffer, size_t } fprintf(stderr, "stashing %d blocks to %s\n", blocks, id); - return WriteStash(base, id, blocks, *buffer, 0, NULL); + return WriteStash(base, id, blocks, *buffer, false, NULL); } -static int FreeStash(const char* base, const char* id) { - char *fn = NULL; - - if (base == NULL || id == NULL) { +static int FreeStash(const std::string& base, const char* id) { + if (base.empty() || id == NULL) { return -1; } - fn = GetStashFileName(base, id, NULL); - - if (fn == NULL) { - return -1; - } + std::string fn = GetStashFileName(base, std::string(id), ""); DeleteFile(fn, NULL); - free(fn); return 0; } @@ -959,8 +844,8 @@ static void MoveRange(uint8_t* dest, RangeSet* locs, const uint8_t* source) { // target RangeSet. Any stashes required are loaded using LoadStash. static int LoadSrcTgtVersion2(char** wordsave, RangeSet** tgt, int* src_blocks, - uint8_t** buffer, size_t* buffer_alloc, int fd, - const char* stashbase, int* overlap) { + uint8_t** buffer, size_t* buffer_alloc, int fd, + const std::string& stashbase, bool* overlap) { char* word; char* colonsave; char* colon; @@ -987,7 +872,7 @@ static int LoadSrcTgtVersion2(char** wordsave, RangeSet** tgt, int* src_blocks, res = ReadBlocks(src, *buffer, fd); if (overlap && tgt) { - *overlap = range_overlaps(src, *tgt); + *overlap = range_overlaps(*src, **tgt); } free(src); @@ -1014,7 +899,7 @@ static int LoadSrcTgtVersion2(char** wordsave, RangeSet** tgt, int* src_blocks, colonsave = NULL; colon = strtok_r(word, ":", &colonsave); - res = LoadStash(stashbase, colon, 0, NULL, &stash, &stashalloc, 1); + res = LoadStash(stashbase, colon, 0, NULL, &stash, &stashalloc, true); if (res == -1) { // These source blocks will fail verification if used later, but we @@ -1042,12 +927,12 @@ typedef struct { char* cmdname; char* cpos; char* freestash; - char* stashbase; - int canwrite; + std::string stashbase; + bool canwrite; int createdstash; int fd; int foundwrites; - int isunresumable; + bool isunresumable; int version; int written; NewThreadInfo nti; @@ -1075,7 +960,7 @@ typedef struct { // can be performed. static int LoadSrcTgtVersion3(CommandParameters* params, RangeSet** tgt, int* src_blocks, - int onehash, int* overlap) { + int onehash, bool* overlap) { char* srchash = NULL; char* tgthash = NULL; int stash_exists = 0; @@ -1120,20 +1005,20 @@ static int LoadSrcTgtVersion3(CommandParameters* params, RangeSet** tgt, int* sr goto v3out; } - if (VerifyBlocks(tgthash, tgtbuffer, (*tgt)->size, 0) == 0) { + if (VerifyBlocks(tgthash, tgtbuffer, (*tgt)->size, false) == 0) { // Target blocks already have expected content, command should be skipped rc = 1; goto v3out; } - if (VerifyBlocks(srchash, params->buffer, *src_blocks, 1) == 0) { + if (VerifyBlocks(srchash, params->buffer, *src_blocks, true) == 0) { // If source and target blocks overlap, stash the source blocks so we can // resume from possible write errors if (*overlap) { fprintf(stderr, "stashing %d overlapping blocks to %s\n", *src_blocks, srchash); - if (WriteStash(params->stashbase, srchash, *src_blocks, params->buffer, 1, + if (WriteStash(params->stashbase, srchash, *src_blocks, params->buffer, true, &stash_exists) != 0) { fprintf(stderr, "failed to stash overlapping source blocks\n"); goto v3out; @@ -1151,7 +1036,7 @@ static int LoadSrcTgtVersion3(CommandParameters* params, RangeSet** tgt, int* sr } if (*overlap && LoadStash(params->stashbase, srchash, 1, NULL, ¶ms->buffer, - ¶ms->bufsize, 1) == 0) { + ¶ms->bufsize, true) == 0) { // Overlapping source blocks were previously stashed, command can proceed. // We are recovering from an interrupted command, so we don't know if the // stash can safely be deleted after this command. @@ -1161,7 +1046,7 @@ static int LoadSrcTgtVersion3(CommandParameters* params, RangeSet** tgt, int* sr // Valid source data not available, update cannot be resumed fprintf(stderr, "partition has unexpected contents\n"); - params->isunresumable = 1; + params->isunresumable = true; v3out: if (tgtbuffer) { @@ -1173,7 +1058,7 @@ v3out: static int PerformCommandMove(CommandParameters* params) { int blocks = 0; - int overlap = 0; + bool overlap = false; int rc = -1; int status = 0; RangeSet* tgt = NULL; @@ -1364,7 +1249,7 @@ static int PerformCommandDiff(CommandParameters* params) { char* logparams = NULL; char* value = NULL; int blocks = 0; - int overlap = 0; + bool overlap = false; int rc = -1; int status = 0; RangeSet* tgt = NULL; @@ -1570,7 +1455,7 @@ static unsigned int HashString(const char *s) { // - patch stream (filename within package.zip, must be uncompressed) static Value* PerformBlockImageUpdate(const char* name, State* state, int argc, Expr* argv[], - const Command* commands, int cmdcount, int dryrun) { + const Command* commands, int cmdcount, bool dryrun) { char* line = NULL; char* linesave = NULL; @@ -1725,8 +1610,7 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int argc, } if (stash_max_blocks >= 0) { - res = CreateStash(state, stash_max_blocks, blockdev_filename->data, - ¶ms.stashbase); + res = CreateStash(state, stash_max_blocks, blockdev_filename->data, params.stashbase); if (res == -1) { goto pbiudone; @@ -1847,10 +1731,6 @@ pbiudone: DeleteStash(params.stashbase); } - if (params.stashbase) { - free(params.stashbase); - } - return StringValue(rc == 0 ? strdup("t") : strdup("")); } @@ -1922,7 +1802,7 @@ Value* BlockImageVerifyFn(const char* name, State* state, int argc, Expr* argv[] // Perform a dry run without writing to test if an update can proceed return PerformBlockImageUpdate(name, state, argc, argv, commands, - sizeof(commands) / sizeof(commands[0]), 1); + sizeof(commands) / sizeof(commands[0]), true); } Value* BlockImageUpdateFn(const char* name, State* state, int argc, Expr* argv[]) { @@ -1938,7 +1818,7 @@ Value* BlockImageUpdateFn(const char* name, State* state, int argc, Expr* argv[] }; return PerformBlockImageUpdate(name, state, argc, argv, commands, - sizeof(commands) / sizeof(commands[0]), 0); + sizeof(commands) / sizeof(commands[0]), false); } Value* RangeSha1Fn(const char* name, State* state, int argc, Expr* argv[]) { @@ -1999,7 +1879,7 @@ Value* RangeSha1Fn(const char* name, State* state, int argc, Expr* argv[]) { if (digest == NULL) { return StringValue(strdup("")); } else { - return StringValue(PrintSha1(digest)); + return StringValue(strdup(print_sha1(digest).c_str())); } } -- cgit v1.2.3 From a6153df887d829c3d83231771358bfa1ee485b12 Mon Sep 17 00:00:00 2001 From: Shrinivas Sahukar Date: Wed, 19 Aug 2015 13:01:45 +0530 Subject: GOOGLEGMS-749 Fix integer overflow while applying block based OTA package There is an integer overflow when the size of system goes beyond the signed int limits. Hence changing pos to size_t. Change-Id: I6e5e1b2f0e72030b30a6df09a01642f4c82abc79 --- updater/blockimg.cpp | 94 +++++++++++++++++++++++++++------------------------- 1 file changed, 48 insertions(+), 46 deletions(-) mode change 100644 => 100755 updater/blockimg.cpp (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp old mode 100644 new mode 100755 index 3a07da404..d5c8bb195 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -56,9 +56,9 @@ #define STASH_FILE_MODE 0600 typedef struct { - int count; - int size; - int pos[0]; + size_t count; + size_t size; + size_t pos[0]; // Actual limit is INT_MAX. } RangeSet; #define RANGESET_MAX_POINTS \ @@ -82,16 +82,17 @@ static RangeSet* parse_range(char* text) { goto err; } + errno = 0; val = strtol(token, NULL, 0); - if (val < 2 || val > RANGESET_MAX_POINTS) { + if (errno != 0 || val < 2 || val > RANGESET_MAX_POINTS) { goto err; } else if (val % 2) { goto err; // must be even } num = (int) val; - bufsize = sizeof(RangeSet) + num * sizeof(int); + bufsize = sizeof(RangeSet) + num * sizeof(size_t); out = reinterpret_cast(malloc(bufsize)); @@ -103,41 +104,50 @@ static RangeSet* parse_range(char* text) { out->count = num / 2; out->size = 0; - for (int i = 0; i < num; ++i) { + for (int i = 0; i < num; i += 2) { token = strtok_r(NULL, ",", &save); if (!token) { goto err; } + errno = 0; val = strtol(token, NULL, 0); - if (val < 0 || val > INT_MAX) { + if (errno != 0 || val < 0 || val > INT_MAX) { goto err; } - out->pos[i] = (int) val; + out->pos[i] = static_cast(val); - if (i % 2) { - if (out->pos[i - 1] >= out->pos[i]) { - goto err; // empty or negative range - } + token = strtok_r(NULL, ",", &save); - if (out->size > INT_MAX - out->pos[i]) { - goto err; // overflow - } + if (!token) { + goto err; + } - out->size += out->pos[i]; - } else { - if (out->size < 0) { - goto err; - } + errno = 0; + val = strtol(token, NULL, 0); - out->size -= out->pos[i]; + if (errno != 0 || val < 0 || val > INT_MAX) { + goto err; } + + out->pos[i+1] = static_cast(val); + + if (out->pos[i] >= out->pos[i+1]) { + goto err; // empty or negative range + } + + size_t rs = out->pos[i+1] - out->pos[i]; + if (out->size > SIZE_MAX - rs) { + goto err; // overflow + } + + out->size += rs; } - if (out->size <= 0) { + if (out->size == 0) { goto err; } @@ -149,13 +159,13 @@ err: } static bool range_overlaps(const RangeSet& r1, const RangeSet& r2) { - for (int i = 0; i < r1.count; ++i) { - int r1_0 = r1.pos[i * 2]; - int r1_1 = r1.pos[i * 2 + 1]; + for (size_t i = 0; i < r1.count; ++i) { + size_t r1_0 = r1.pos[i * 2]; + size_t r1_1 = r1.pos[i * 2 + 1]; - for (int j = 0; j < r2.count; ++j) { - int r2_0 = r2.pos[j * 2]; - int r2_1 = r2.pos[j * 2 + 1]; + for (size_t j = 0; j < r2.count; ++j) { + size_t r2_0 = r2.pos[j * 2]; + size_t r2_1 = r2.pos[j * 2 + 1]; if (!(r2_0 >= r1_1 || r1_0 >= r2_1)) { return true; @@ -219,7 +229,7 @@ static void allocate(size_t size, uint8_t** buffer, size_t* buffer_alloc) { typedef struct { int fd; RangeSet* tgt; - int p_block; + size_t p_block; size_t p_remain; } RangeSinkState; @@ -340,20 +350,18 @@ static void* unzip_new_data(void* cookie) { } static int ReadBlocks(RangeSet* src, uint8_t* buffer, int fd) { - int i; size_t p = 0; - size_t size; if (!src || !buffer) { return -1; } - for (i = 0; i < src->count; ++i) { + for (size_t i = 0; i < src->count; ++i) { if (!check_lseek(fd, (off64_t) src->pos[i * 2] * BLOCKSIZE, SEEK_SET)) { return -1; } - size = (src->pos[i * 2 + 1] - src->pos[i * 2]) * BLOCKSIZE; + size_t size = (src->pos[i * 2 + 1] - src->pos[i * 2]) * BLOCKSIZE; if (read_all(fd, buffer + p, size) == -1) { return -1; @@ -366,20 +374,18 @@ static int ReadBlocks(RangeSet* src, uint8_t* buffer, int fd) { } static int WriteBlocks(RangeSet* tgt, uint8_t* buffer, int fd) { - int i; size_t p = 0; - size_t size; if (!tgt || !buffer) { return -1; } - for (i = 0; i < tgt->count; ++i) { + for (size_t i = 0; i < tgt->count; ++i) { if (!check_lseek(fd, (off64_t) tgt->pos[i * 2] * BLOCKSIZE, SEEK_SET)) { return -1; } - size = (tgt->pos[i * 2 + 1] - tgt->pos[i * 2]) * BLOCKSIZE; + size_t size = (tgt->pos[i * 2 + 1] - tgt->pos[i * 2]) * BLOCKSIZE; if (write_all(fd, buffer + p, size) == -1) { return -1; @@ -1140,8 +1146,6 @@ static int PerformCommandFree(CommandParameters* params) { static int PerformCommandZero(CommandParameters* params) { char* range = NULL; - int i; - int j; int rc = -1; RangeSet* tgt = NULL; @@ -1164,12 +1168,12 @@ static int PerformCommandZero(CommandParameters* params) { memset(params->buffer, 0, BLOCKSIZE); if (params->canwrite) { - for (i = 0; i < tgt->count; ++i) { + for (size_t i = 0; i < tgt->count; ++i) { if (!check_lseek(params->fd, (off64_t) tgt->pos[i * 2] * BLOCKSIZE, SEEK_SET)) { goto pczout; } - for (j = tgt->pos[i * 2]; j < tgt->pos[i * 2 + 1]; ++j) { + for (size_t j = tgt->pos[i * 2]; j < tgt->pos[i * 2 + 1]; ++j) { if (write_all(params->fd, params->buffer, BLOCKSIZE) == -1) { goto pczout; } @@ -1359,7 +1363,6 @@ pcdout: static int PerformCommandErase(CommandParameters* params) { char* range = NULL; - int i; int rc = -1; RangeSet* tgt = NULL; struct stat st; @@ -1395,7 +1398,7 @@ static int PerformCommandErase(CommandParameters* params) { if (params->canwrite) { fprintf(stderr, " erasing %d blocks\n", tgt->size); - for (i = 0; i < tgt->count; ++i) { + for (size_t i = 0; i < tgt->count; ++i) { // offset in bytes blocks[0] = tgt->pos[i * 2] * (uint64_t) BLOCKSIZE; // length in bytes @@ -1852,15 +1855,14 @@ Value* RangeSha1Fn(const char* name, State* state, int argc, Expr* argv[]) { SHA_CTX ctx; SHA_init(&ctx); - int i, j; - for (i = 0; i < rs->count; ++i) { + for (size_t i = 0; i < rs->count; ++i) { if (!check_lseek(fd, (off64_t)rs->pos[i*2] * BLOCKSIZE, SEEK_SET)) { ErrorAbort(state, "failed to seek %s: %s", blockdev_filename->data, strerror(errno)); goto done; } - for (j = rs->pos[i*2]; j < rs->pos[i*2+1]; ++j) { + for (size_t j = rs->pos[i*2]; j < rs->pos[i*2+1]; ++j) { if (read_all(fd, buffer, BLOCKSIZE) == -1) { ErrorAbort(state, "failed to read %s: %s", blockdev_filename->data, strerror(errno)); -- cgit v1.2.3 From 9739a2920cedc444fa9f0854f768a0a5c66e057b Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Wed, 5 Aug 2015 12:16:20 -0700 Subject: updater: Remove the unused isunresumable in SaveStash(). Change-Id: I6a8d9bea4c1cd8ea7b534682061b90e893b227a2 --- updater/blockimg.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index d5c8bb195..7da9adf5f 100755 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -768,8 +768,8 @@ static int CreateStash(State* state, int maxblocks, const char* blockdev, } static int SaveStash(const std::string& base, char** wordsave, uint8_t** buffer, - size_t* buffer_alloc, int fd, int usehash, bool* isunresumable) { - if (!wordsave || !buffer || !buffer_alloc || !isunresumable) { + size_t* buffer_alloc, int fd, bool usehash) { + if (!wordsave || !buffer || !buffer_alloc) { return -1; } @@ -1129,7 +1129,7 @@ static int PerformCommandStash(CommandParameters* params) { } return SaveStash(params->stashbase, ¶ms->cpos, ¶ms->buffer, ¶ms->bufsize, - params->fd, (params->version >= 3), ¶ms->isunresumable); + params->fd, (params->version >= 3)); } static int PerformCommandFree(CommandParameters* params) { -- cgit v1.2.3 From 0940fe17b0a872ecb4a9e23790ad0a09c0cb3810 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Thu, 27 Aug 2015 16:41:21 -0700 Subject: updater: Clean up C codes. Replace C-string with std::string, pointers with references, and variable-size arrays in struct with std::vector. Change-Id: I57f361a0e58286cbcd113e9be225981da56721b2 --- updater/blockimg.cpp | 1031 +++++++++++++++++++++----------------------------- 1 file changed, 429 insertions(+), 602 deletions(-) mode change 100755 => 100644 updater/blockimg.cpp (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp old mode 100755 new mode 100644 index 7da9adf5f..5f5f9bd72 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -34,6 +34,7 @@ #include #include +#include #include @@ -41,8 +42,9 @@ #include "edify/expr.h" #include "mincrypt/sha.h" #include "minzip/Hash.h" -#include "updater.h" #include "print_sha1.h" +#include "unique_fd.h" +#include "updater.h" #define BLOCKSIZE 4096 @@ -55,106 +57,77 @@ #define STASH_DIRECTORY_MODE 0700 #define STASH_FILE_MODE 0600 -typedef struct { - size_t count; +struct RangeSet { + size_t count; // Limit is INT_MAX. size_t size; - size_t pos[0]; // Actual limit is INT_MAX. -} RangeSet; + std::vector pos; // Actual limit is INT_MAX. +}; -#define RANGESET_MAX_POINTS \ - ((int)((INT_MAX / sizeof(int)) - sizeof(RangeSet))) - -static RangeSet* parse_range(char* text) { - char* save; - char* token; - int num; - long int val; - RangeSet* out = NULL; - size_t bufsize; +static void parse_range(const char* range_text, RangeSet& rs) { - if (!text) { - goto err; + if (range_text == nullptr) { + fprintf(stderr, "failed to parse range: null range\n"); + exit(1); } - token = strtok_r(text, ",", &save); + std::vector pieces = android::base::Split(std::string(range_text), ","); + long int val; - if (!token) { + if (pieces.size() < 3) { goto err; } errno = 0; - val = strtol(token, NULL, 0); + val = strtol(pieces[0].c_str(), nullptr, 0); - if (errno != 0 || val < 2 || val > RANGESET_MAX_POINTS) { + if (errno != 0 || val < 2 || val > INT_MAX) { goto err; } else if (val % 2) { goto err; // must be even - } - - num = (int) val; - bufsize = sizeof(RangeSet) + num * sizeof(size_t); - - out = reinterpret_cast(malloc(bufsize)); - - if (!out) { - fprintf(stderr, "failed to allocate range of %zu bytes\n", bufsize); + } else if (val != static_cast(pieces.size() - 1)) { goto err; } - out->count = num / 2; - out->size = 0; - - for (int i = 0; i < num; i += 2) { - token = strtok_r(NULL, ",", &save); + size_t num; + num = static_cast(val); - if (!token) { - goto err; - } + rs.pos.resize(num); + rs.count = num / 2; + rs.size = 0; + for (size_t i = 0; i < num; i += 2) { + const char* token = pieces[i+1].c_str(); errno = 0; - val = strtol(token, NULL, 0); - + val = strtol(token, nullptr, 0); if (errno != 0 || val < 0 || val > INT_MAX) { goto err; } + rs.pos[i] = static_cast(val); - out->pos[i] = static_cast(val); - - token = strtok_r(NULL, ",", &save); - - if (!token) { - goto err; - } - + token = pieces[i+2].c_str(); errno = 0; - val = strtol(token, NULL, 0); - + val = strtol(token, nullptr, 0); if (errno != 0 || val < 0 || val > INT_MAX) { goto err; } + rs.pos[i+1] = static_cast(val); - out->pos[i+1] = static_cast(val); - - if (out->pos[i] >= out->pos[i+1]) { + if (rs.pos[i] >= rs.pos[i+1]) { goto err; // empty or negative range } - size_t rs = out->pos[i+1] - out->pos[i]; - if (out->size > SIZE_MAX - rs) { + size_t sz = rs.pos[i+1] - rs.pos[i]; + if (rs.size > SIZE_MAX - sz) { goto err; // overflow } - out->size += rs; - } - - if (out->size == 0) { - goto err; + rs.size += sz; } - return out; + return; err: - fprintf(stderr, "failed to parse range '%s'\n", text ? text : "NULL"); + fprintf(stderr, "failed to parse range '%s'\n", range_text); exit(1); } @@ -219,24 +192,26 @@ static void allocate(size_t size, uint8_t** buffer, size_t* buffer_alloc) { free(*buffer); *buffer = (uint8_t*) malloc(size); - if (*buffer == NULL) { + if (*buffer == nullptr) { fprintf(stderr, "failed to allocate %zu bytes\n", size); exit(1); } *buffer_alloc = size; } -typedef struct { +struct RangeSinkState { + RangeSinkState(RangeSet& rs) : tgt(rs) { }; + int fd; - RangeSet* tgt; + const RangeSet& tgt; size_t p_block; size_t p_remain; -} RangeSinkState; +}; static ssize_t RangeSinkWrite(const uint8_t* data, ssize_t size, void* token) { - RangeSinkState* rss = (RangeSinkState*) token; + RangeSinkState* rss = reinterpret_cast(token); - if (rss->p_remain <= 0) { + if (rss->p_remain == 0) { fprintf(stderr, "range sink write overrun"); return 0; } @@ -262,11 +237,11 @@ static ssize_t RangeSinkWrite(const uint8_t* data, ssize_t size, void* token) { if (rss->p_remain == 0) { // move to the next block ++rss->p_block; - if (rss->p_block < rss->tgt->count) { - rss->p_remain = (rss->tgt->pos[rss->p_block * 2 + 1] - - rss->tgt->pos[rss->p_block * 2]) * BLOCKSIZE; + if (rss->p_block < rss->tgt.count) { + rss->p_remain = (rss->tgt.pos[rss->p_block * 2 + 1] - + rss->tgt.pos[rss->p_block * 2]) * BLOCKSIZE; - if (!check_lseek(rss->fd, (off64_t)rss->tgt->pos[rss->p_block*2] * BLOCKSIZE, + if (!check_lseek(rss->fd, (off64_t)rss->tgt.pos[rss->p_block*2] * BLOCKSIZE, SEEK_SET)) { break; } @@ -302,7 +277,7 @@ static ssize_t RangeSinkWrite(const uint8_t* data, ssize_t size, void* token) { // condition. When the background thread is done writing, it clears // rss and signals the condition again. -typedef struct { +struct NewThreadInfo { ZipArchive* za; const ZipEntry* entry; @@ -310,16 +285,16 @@ typedef struct { pthread_mutex_t mu; pthread_cond_t cv; -} NewThreadInfo; +}; static bool receive_new_data(const unsigned char* data, int size, void* cookie) { - NewThreadInfo* nti = (NewThreadInfo*) cookie; + NewThreadInfo* nti = reinterpret_cast(cookie); while (size > 0) { - // Wait for nti->rss to be non-NULL, indicating some of this + // Wait for nti->rss to be non-null, indicating some of this // data is wanted. pthread_mutex_lock(&nti->mu); - while (nti->rss == NULL) { + while (nti->rss == nullptr) { pthread_cond_wait(&nti->cv, &nti->mu); } pthread_mutex_unlock(&nti->mu); @@ -330,11 +305,11 @@ static bool receive_new_data(const unsigned char* data, int size, void* cookie) data += written; size -= written; - if (nti->rss->p_block == nti->rss->tgt->count) { + if (nti->rss->p_block == nti->rss->tgt.count) { // we have written all the bytes desired by this rss. pthread_mutex_lock(&nti->mu); - nti->rss = NULL; + nti->rss = nullptr; pthread_cond_broadcast(&nti->cv); pthread_mutex_unlock(&nti->mu); } @@ -346,22 +321,22 @@ static bool receive_new_data(const unsigned char* data, int size, void* cookie) static void* unzip_new_data(void* cookie) { NewThreadInfo* nti = (NewThreadInfo*) cookie; mzProcessZipEntryContents(nti->za, nti->entry, receive_new_data, nti); - return NULL; + return nullptr; } -static int ReadBlocks(RangeSet* src, uint8_t* buffer, int fd) { +static int ReadBlocks(const RangeSet& src, uint8_t* buffer, int fd) { size_t p = 0; - if (!src || !buffer) { + if (!buffer) { return -1; } - for (size_t i = 0; i < src->count; ++i) { - if (!check_lseek(fd, (off64_t) src->pos[i * 2] * BLOCKSIZE, SEEK_SET)) { + for (size_t i = 0; i < src.count; ++i) { + if (!check_lseek(fd, (off64_t) src.pos[i * 2] * BLOCKSIZE, SEEK_SET)) { return -1; } - size_t size = (src->pos[i * 2 + 1] - src->pos[i * 2]) * BLOCKSIZE; + size_t size = (src.pos[i * 2 + 1] - src.pos[i * 2]) * BLOCKSIZE; if (read_all(fd, buffer + p, size) == -1) { return -1; @@ -373,19 +348,18 @@ static int ReadBlocks(RangeSet* src, uint8_t* buffer, int fd) { return 0; } -static int WriteBlocks(RangeSet* tgt, uint8_t* buffer, int fd) { - size_t p = 0; - - if (!tgt || !buffer) { +static int WriteBlocks(const RangeSet& tgt, uint8_t* buffer, int fd) { + if (!buffer) { return -1; } - for (size_t i = 0; i < tgt->count; ++i) { - if (!check_lseek(fd, (off64_t) tgt->pos[i * 2] * BLOCKSIZE, SEEK_SET)) { + size_t p = 0; + for (size_t i = 0; i < tgt.count; ++i) { + if (!check_lseek(fd, (off64_t) tgt.pos[i * 2] * BLOCKSIZE, SEEK_SET)) { return -1; } - size_t size = (tgt->pos[i * 2 + 1] - tgt->pos[i * 2]) * BLOCKSIZE; + size_t size = (tgt.pos[i * 2 + 1] - tgt.pos[i * 2]) * BLOCKSIZE; if (write_all(fd, buffer + p, size) == -1) { return -1; @@ -405,54 +379,51 @@ static int WriteBlocks(RangeSet* tgt, uint8_t* buffer, int fd) { // // The source range is loaded into the provided buffer, reallocating // it to make it larger if necessary. The target ranges are returned -// in *tgt, if tgt is non-NULL. - -static int LoadSrcTgtVersion1(char** wordsave, RangeSet** tgt, int* src_blocks, - uint8_t** buffer, size_t* buffer_alloc, int fd) { - char* word; - int rc; +// in *tgt, if tgt is non-null. - word = strtok_r(NULL, " ", wordsave); - RangeSet* src = parse_range(word); +static int LoadSrcTgtVersion1(char** wordsave, RangeSet* tgt, size_t& src_blocks, + uint8_t** buffer, size_t* buffer_alloc, int fd) { + char* word = strtok_r(nullptr, " ", wordsave); + RangeSet src; + parse_range(word, src); - if (tgt != NULL) { - word = strtok_r(NULL, " ", wordsave); - *tgt = parse_range(word); + if (tgt != nullptr) { + word = strtok_r(nullptr, " ", wordsave); + parse_range(word, *tgt); } - allocate(src->size * BLOCKSIZE, buffer, buffer_alloc); - rc = ReadBlocks(src, *buffer, fd); - *src_blocks = src->size; + allocate(src.size * BLOCKSIZE, buffer, buffer_alloc); + int rc = ReadBlocks(src, *buffer, fd); + src_blocks = src.size; - free(src); return rc; } -static int VerifyBlocks(const char *expected, const uint8_t *buffer, - size_t blocks, bool printerror) { - int rc = -1; +static int VerifyBlocks(const std::string& expected, const uint8_t* buffer, + const size_t blocks, bool printerror) { uint8_t digest[SHA_DIGEST_SIZE]; - if (!expected || !buffer) { - return rc; + if (!buffer) { + return -1; } SHA_hash(buffer, blocks * BLOCKSIZE, digest); std::string hexdigest = print_sha1(digest); - rc = hexdigest != std::string(expected); - - if (rc != 0 && printerror) { - fprintf(stderr, "failed to verify blocks (expected %s, read %s)\n", - expected, hexdigest.c_str()); + if (hexdigest != expected) { + if (printerror) { + fprintf(stderr, "failed to verify blocks (expected %s, read %s)\n", + expected.c_str(), hexdigest.c_str()); + } + return -1; } - return rc; + return 0; } -static std::string GetStashFileName(const std::string& base, const std::string id, - const std::string postfix) { +static std::string GetStashFileName(const std::string& base, const std::string& id, + const std::string& postfix) { if (base.empty()) { return ""; } @@ -471,13 +442,13 @@ typedef void (*StashCallback)(const std::string&, void*); // parameter. static void EnumerateStash(const std::string& dirname, StashCallback callback, void* data) { - if (dirname.empty() || callback == NULL) { + if (dirname.empty() || callback == nullptr) { return; } std::unique_ptr directory(opendir(dirname.c_str()), closedir); - if (directory == NULL) { + if (directory == nullptr) { if (errno != ENOENT) { fprintf(stderr, "opendir \"%s\" failed: %s\n", dirname.c_str(), strerror(errno)); } @@ -485,7 +456,7 @@ static void EnumerateStash(const std::string& dirname, StashCallback callback, v } struct dirent* item; - while ((item = readdir(directory.get())) != NULL) { + while ((item = readdir(directory.get())) != nullptr) { if (item->d_type != DT_REG) { continue; } @@ -500,21 +471,21 @@ static void UpdateFileSize(const std::string& fn, void* data) { return; } - struct stat st; - if (stat(fn.c_str(), &st) == -1) { + struct stat sb; + if (stat(fn.c_str(), &sb) == -1) { fprintf(stderr, "stat \"%s\" failed: %s\n", fn.c_str(), strerror(errno)); return; } int* size = reinterpret_cast(data); - *size += st.st_size; + *size += sb.st_size; } // Deletes the stash directory and all files in it. Assumes that it only // contains files. There is nothing we can do about unlikely, but possible // errors, so they are merely logged. -static void DeleteFile(const std::string& fn, void* data) { +static void DeleteFile(const std::string& fn, void* /* data */) { if (!fn.empty()) { fprintf(stderr, "deleting %s\n", fn.c_str()); @@ -538,7 +509,7 @@ static void DeleteStash(const std::string& base) { fprintf(stderr, "deleting stash %s\n", base.c_str()); std::string dirname = GetStashFileName(base, "", ""); - EnumerateStash(dirname, DeleteFile, NULL); + EnumerateStash(dirname, DeleteFile, nullptr); if (rmdir(dirname.c_str()) == -1) { if (errno != ENOENT && errno != ENOTDIR) { @@ -547,170 +518,141 @@ static void DeleteStash(const std::string& base) { } } -static int LoadStash(const std::string& base, const char* id, int verify, int* blocks, +static int LoadStash(const std::string& base, const std::string& id, bool verify, size_t* blocks, uint8_t** buffer, size_t* buffer_alloc, bool printnoent) { - std::string fn; - int blockcount = 0; - int fd = -1; - int rc = -1; - int res; - struct stat st; - - if (base.empty() || !id || !buffer || !buffer_alloc) { - goto lsout; + if (base.empty() || !buffer || !buffer_alloc) { + return -1; } + size_t blockcount = 0; + if (!blocks) { blocks = &blockcount; } - fn = GetStashFileName(base, std::string(id), ""); + std::string fn = GetStashFileName(base, id, ""); - res = stat(fn.c_str(), &st); + struct stat sb; + int res = stat(fn.c_str(), &sb); if (res == -1) { if (errno != ENOENT || printnoent) { fprintf(stderr, "stat \"%s\" failed: %s\n", fn.c_str(), strerror(errno)); } - goto lsout; + return -1; } fprintf(stderr, " loading %s\n", fn.c_str()); - if ((st.st_size % BLOCKSIZE) != 0) { + if ((sb.st_size % BLOCKSIZE) != 0) { fprintf(stderr, "%s size %" PRId64 " not multiple of block size %d", - fn.c_str(), static_cast(st.st_size), BLOCKSIZE); - goto lsout; + fn.c_str(), static_cast(sb.st_size), BLOCKSIZE); + return -1; } - fd = TEMP_FAILURE_RETRY(open(fn.c_str(), O_RDONLY)); + int fd = TEMP_FAILURE_RETRY(open(fn.c_str(), O_RDONLY)); + unique_fd fd_holder(fd); if (fd == -1) { fprintf(stderr, "open \"%s\" failed: %s\n", fn.c_str(), strerror(errno)); - goto lsout; + return -1; } - allocate(st.st_size, buffer, buffer_alloc); + allocate(sb.st_size, buffer, buffer_alloc); - if (read_all(fd, *buffer, st.st_size) == -1) { - goto lsout; + if (read_all(fd, *buffer, sb.st_size) == -1) { + return -1; } - *blocks = st.st_size / BLOCKSIZE; + *blocks = sb.st_size / BLOCKSIZE; if (verify && VerifyBlocks(id, *buffer, *blocks, true) != 0) { fprintf(stderr, "unexpected contents in %s\n", fn.c_str()); - DeleteFile(fn, NULL); - goto lsout; - } - - rc = 0; - -lsout: - if (fd != -1) { - close(fd); + DeleteFile(fn, nullptr); + return -1; } - return rc; + return 0; } -static int WriteStash(const std::string& base, const char* id, int blocks, - uint8_t* buffer, bool checkspace, int *exists) { - std::string fn; - std::string cn; - std::string dname; - int fd = -1; - int rc = -1; - int dfd = -1; - int res; - struct stat st; - - if (base.empty() || buffer == NULL) { - goto wsout; +static int WriteStash(const std::string& base, const std::string& id, int blocks, uint8_t* buffer, + bool checkspace, bool *exists) { + if (base.empty() || buffer == nullptr) { + return -1; } if (checkspace && CacheSizeCheck(blocks * BLOCKSIZE) != 0) { fprintf(stderr, "not enough space to write stash\n"); - goto wsout; + return -1; } - fn = GetStashFileName(base, std::string(id), ".partial"); - cn = GetStashFileName(base, std::string(id), ""); + std::string fn = GetStashFileName(base, id, ".partial"); + std::string cn = GetStashFileName(base, id, ""); if (exists) { - res = stat(cn.c_str(), &st); + struct stat sb; + int res = stat(cn.c_str(), &sb); if (res == 0) { // The file already exists and since the name is the hash of the contents, // it's safe to assume the contents are identical (accidental hash collisions // are unlikely) fprintf(stderr, " skipping %d existing blocks in %s\n", blocks, cn.c_str()); - *exists = 1; - rc = 0; - goto wsout; + *exists = true; + return 0; } - *exists = 0; + *exists = false; } fprintf(stderr, " writing %d blocks to %s\n", blocks, cn.c_str()); - fd = TEMP_FAILURE_RETRY(open(fn.c_str(), O_WRONLY | O_CREAT | O_TRUNC, STASH_FILE_MODE)); + int fd = TEMP_FAILURE_RETRY(open(fn.c_str(), O_WRONLY | O_CREAT | O_TRUNC, STASH_FILE_MODE)); + unique_fd fd_holder(fd); if (fd == -1) { fprintf(stderr, "failed to create \"%s\": %s\n", fn.c_str(), strerror(errno)); - goto wsout; + return -1; } if (write_all(fd, buffer, blocks * BLOCKSIZE) == -1) { - goto wsout; + return -1; } if (fsync(fd) == -1) { fprintf(stderr, "fsync \"%s\" failed: %s\n", fn.c_str(), strerror(errno)); - goto wsout; + return -1; } if (rename(fn.c_str(), cn.c_str()) == -1) { fprintf(stderr, "rename(\"%s\", \"%s\") failed: %s\n", fn.c_str(), cn.c_str(), strerror(errno)); - goto wsout; + return -1; } - dname = GetStashFileName(base, "", ""); - dfd = TEMP_FAILURE_RETRY(open(dname.c_str(), O_RDONLY | O_DIRECTORY)); + std::string dname = GetStashFileName(base, "", ""); + int dfd = TEMP_FAILURE_RETRY(open(dname.c_str(), O_RDONLY | O_DIRECTORY)); + unique_fd dfd_holder(dfd); if (dfd == -1) { fprintf(stderr, "failed to open \"%s\" failed: %s\n", dname.c_str(), strerror(errno)); - goto wsout; + return -1; } if (fsync(dfd) == -1) { fprintf(stderr, "fsync \"%s\" failed: %s\n", dname.c_str(), strerror(errno)); - goto wsout; - } - - rc = 0; - -wsout: - if (fd != -1) { - close(fd); - } - - if (dfd != -1) { - close(dfd); + return -1; } - return rc; + return 0; } // Creates a directory for storing stash files and checks if the /cache partition // hash enough space for the expected amount of blocks we need to store. Returns // >0 if we created the directory, zero if it existed already, and <0 of failure. -static int CreateStash(State* state, int maxblocks, const char* blockdev, - std::string& base) { - if (blockdev == NULL) { +static int CreateStash(State* state, int maxblocks, const char* blockdev, std::string& base) { + if (blockdev == nullptr) { return -1; } @@ -724,8 +666,8 @@ static int CreateStash(State* state, int maxblocks, const char* blockdev, base = print_sha1(digest); std::string dirname = GetStashFileName(base, "", ""); - struct stat st; - int res = stat(dirname.c_str(), &st); + struct stat sb; + int res = stat(dirname.c_str(), &sb); if (res == -1 && errno != ENOENT) { ErrorAbort(state, "stat \"%s\" failed: %s\n", dirname.c_str(), strerror(errno)); @@ -753,11 +695,11 @@ static int CreateStash(State* state, int maxblocks, const char* blockdev, // stash files and check if there's enough for all required blocks. Delete any // partially completed stash files first. - EnumerateStash(dirname, DeletePartial, NULL); + EnumerateStash(dirname, DeletePartial, nullptr); int size = 0; EnumerateStash(dirname, UpdateFileSize, &size); - size = (maxblocks * BLOCKSIZE) - size; + size = maxblocks * BLOCKSIZE - size; if (size > 0 && CacheSizeCheck(size) != 0) { ErrorAbort(state, "not enough space for stash (%d more needed)\n", size); @@ -768,26 +710,27 @@ static int CreateStash(State* state, int maxblocks, const char* blockdev, } static int SaveStash(const std::string& base, char** wordsave, uint8_t** buffer, - size_t* buffer_alloc, int fd, bool usehash) { + size_t* buffer_alloc, int fd, bool usehash) { if (!wordsave || !buffer || !buffer_alloc) { return -1; } - char *id = strtok_r(NULL, " ", wordsave); - if (id == NULL) { + char *id_tok = strtok_r(nullptr, " ", wordsave); + if (id_tok == nullptr) { fprintf(stderr, "missing id field in stash command\n"); return -1; } + std::string id(id_tok); - int blocks = 0; - if (usehash && LoadStash(base, id, 1, &blocks, buffer, buffer_alloc, false) == 0) { + size_t blocks = 0; + if (usehash && LoadStash(base, id, true, &blocks, buffer, buffer_alloc, false) == 0) { // Stash file already exists and has expected contents. Do not // read from source again, as the source may have been already // overwritten during a previous attempt. return 0; } - if (LoadSrcTgtVersion1(wordsave, NULL, &blocks, buffer, buffer_alloc, fd) == -1) { + if (LoadSrcTgtVersion1(wordsave, nullptr, blocks, buffer, buffer_alloc, fd) == -1) { return -1; } @@ -796,37 +739,36 @@ static int SaveStash(const std::string& base, char** wordsave, uint8_t** buffer, // data later, this is an unrecoverable error. However, the command // that uses the data may have already completed previously, so the // possible failure will occur during source block verification. - fprintf(stderr, "failed to load source blocks for stash %s\n", id); + fprintf(stderr, "failed to load source blocks for stash %s\n", id.c_str()); return 0; } - fprintf(stderr, "stashing %d blocks to %s\n", blocks, id); - return WriteStash(base, id, blocks, *buffer, false, NULL); + fprintf(stderr, "stashing %zu blocks to %s\n", blocks, id.c_str()); + return WriteStash(base, id, blocks, *buffer, false, nullptr); } static int FreeStash(const std::string& base, const char* id) { - if (base.empty() || id == NULL) { + if (base.empty() || id == nullptr) { return -1; } std::string fn = GetStashFileName(base, std::string(id), ""); - DeleteFile(fn, NULL); + DeleteFile(fn, nullptr); return 0; } -static void MoveRange(uint8_t* dest, RangeSet* locs, const uint8_t* source) { +static void MoveRange(uint8_t* dest, const RangeSet& locs, const uint8_t* source) { // source contains packed data, which we want to move to the // locations given in *locs in the dest buffer. source and dest // may be the same buffer. - int start = locs->size; - int i; - for (i = locs->count-1; i >= 0; --i) { - int blocks = locs->pos[i*2+1] - locs->pos[i*2]; + size_t start = locs.size; + for (int i = locs.count-1; i >= 0; --i) { + size_t blocks = locs.pos[i*2+1] - locs.pos[i*2]; start -= blocks; - memmove(dest + (locs->pos[i*2] * BLOCKSIZE), source + (start * BLOCKSIZE), + memmove(dest + (locs.pos[i*2] * BLOCKSIZE), source + (start * BLOCKSIZE), blocks * BLOCKSIZE); } } @@ -849,63 +791,59 @@ static void MoveRange(uint8_t* dest, RangeSet* locs, const uint8_t* source) { // reallocated if needed to accommodate the source data. *tgt is the // target RangeSet. Any stashes required are loaded using LoadStash. -static int LoadSrcTgtVersion2(char** wordsave, RangeSet** tgt, int* src_blocks, - uint8_t** buffer, size_t* buffer_alloc, int fd, - const std::string& stashbase, bool* overlap) { +static int LoadSrcTgtVersion2(char** wordsave, RangeSet* tgt, size_t& src_blocks, uint8_t** buffer, + size_t* buffer_alloc, int fd, const std::string& stashbase, bool* overlap) { char* word; char* colonsave; char* colon; - int res; - RangeSet* locs; + RangeSet locs; size_t stashalloc = 0; - uint8_t* stash = NULL; + uint8_t* stash = nullptr; - if (tgt != NULL) { - word = strtok_r(NULL, " ", wordsave); - *tgt = parse_range(word); + if (tgt != nullptr) { + word = strtok_r(nullptr, " ", wordsave); + parse_range(word, *tgt); } - word = strtok_r(NULL, " ", wordsave); - *src_blocks = strtol(word, NULL, 0); + word = strtok_r(nullptr, " ", wordsave); + src_blocks = strtol(word, nullptr, 0); - allocate(*src_blocks * BLOCKSIZE, buffer, buffer_alloc); + allocate(src_blocks * BLOCKSIZE, buffer, buffer_alloc); - word = strtok_r(NULL, " ", wordsave); + word = strtok_r(nullptr, " ", wordsave); if (word[0] == '-' && word[1] == '\0') { // no source ranges, only stashes } else { - RangeSet* src = parse_range(word); - res = ReadBlocks(src, *buffer, fd); + RangeSet src; + parse_range(word, src); + int res = ReadBlocks(src, *buffer, fd); if (overlap && tgt) { - *overlap = range_overlaps(*src, **tgt); + *overlap = range_overlaps(src, *tgt); } - free(src); - if (res == -1) { return -1; } - word = strtok_r(NULL, " ", wordsave); - if (word == NULL) { + word = strtok_r(nullptr, " ", wordsave); + if (word == nullptr) { // no stashes, only source range return 0; } - locs = parse_range(word); + parse_range(word, locs); MoveRange(*buffer, locs, *buffer); - free(locs); } - while ((word = strtok_r(NULL, " ", wordsave)) != NULL) { + while ((word = strtok_r(nullptr, " ", wordsave)) != nullptr) { // Each word is a an index into the stash table, a colon, and // then a rangeset describing where in the source block that // stashed data should go. - colonsave = NULL; + colonsave = nullptr; colon = strtok_r(word, ":", &colonsave); - res = LoadStash(stashbase, colon, 0, NULL, &stash, &stashalloc, true); + int res = LoadStash(stashbase, std::string(colon), false, nullptr, &stash, &stashalloc, true); if (res == -1) { // These source blocks will fail verification if used later, but we @@ -914,11 +852,10 @@ static int LoadSrcTgtVersion2(char** wordsave, RangeSet** tgt, int* src_blocks, continue; } - colon = strtok_r(NULL, ":", &colonsave); - locs = parse_range(colon); + colon = strtok_r(nullptr, ":", &colonsave); + parse_range(colon, locs); MoveRange(*buffer, locs, stash); - free(locs); } if (stash) { @@ -929,7 +866,7 @@ static int LoadSrcTgtVersion2(char** wordsave, RangeSet** tgt, int* src_blocks, } // Parameters for transfer list command functions -typedef struct { +struct CommandParameters { char* cmdname; char* cpos; char* freestash; @@ -937,16 +874,16 @@ typedef struct { bool canwrite; int createdstash; int fd; - int foundwrites; + bool foundwrites; bool isunresumable; int version; - int written; + size_t written; NewThreadInfo nti; pthread_t thread; size_t bufsize; uint8_t* buffer; uint8_t* patch_start; -} CommandParameters; +}; // Do a source/target load for move/bsdiff/imgdiff in version 3. // @@ -965,464 +902,367 @@ typedef struct { // If the return value is 0, source blocks have expected content and the command // can be performed. -static int LoadSrcTgtVersion3(CommandParameters* params, RangeSet** tgt, int* src_blocks, - int onehash, bool* overlap) { - char* srchash = NULL; - char* tgthash = NULL; - int stash_exists = 0; - int rc = -1; - uint8_t* tgtbuffer = NULL; +static int LoadSrcTgtVersion3(CommandParameters& params, RangeSet* tgt, size_t& src_blocks, + bool onehash, bool& overlap) { - if (!params|| !tgt || !src_blocks || !overlap) { - goto v3out; + if (!tgt) { + return -1; } - srchash = strtok_r(NULL, " ", ¶ms->cpos); - - if (srchash == NULL) { + char* srchash = strtok_r(nullptr, " ", ¶ms.cpos); + if (srchash == nullptr) { fprintf(stderr, "missing source hash\n"); - goto v3out; + return -1; } + char* tgthash = nullptr; if (onehash) { tgthash = srchash; } else { - tgthash = strtok_r(NULL, " ", ¶ms->cpos); + tgthash = strtok_r(nullptr, " ", ¶ms.cpos); - if (tgthash == NULL) { + if (tgthash == nullptr) { fprintf(stderr, "missing target hash\n"); - goto v3out; + return -1; } } - if (LoadSrcTgtVersion2(¶ms->cpos, tgt, src_blocks, ¶ms->buffer, ¶ms->bufsize, - params->fd, params->stashbase, overlap) == -1) { - goto v3out; + if (LoadSrcTgtVersion2(¶ms.cpos, tgt, src_blocks, ¶ms.buffer, ¶ms.bufsize, + params.fd, params.stashbase, &overlap) == -1) { + return -1; } - tgtbuffer = (uint8_t*) malloc((*tgt)->size * BLOCKSIZE); + std::vector tgtbuffer(tgt->size * BLOCKSIZE); - if (tgtbuffer == NULL) { - fprintf(stderr, "failed to allocate %d bytes\n", (*tgt)->size * BLOCKSIZE); - goto v3out; - } - - if (ReadBlocks(*tgt, tgtbuffer, params->fd) == -1) { - goto v3out; + if (ReadBlocks(*tgt, tgtbuffer.data(), params.fd) == -1) { + return -1; } - if (VerifyBlocks(tgthash, tgtbuffer, (*tgt)->size, false) == 0) { + if (VerifyBlocks(tgthash, tgtbuffer.data(), tgt->size, false) == 0) { // Target blocks already have expected content, command should be skipped - rc = 1; - goto v3out; + fprintf(stderr, "verified, to return 1"); + return 1; } - if (VerifyBlocks(srchash, params->buffer, *src_blocks, true) == 0) { + if (VerifyBlocks(srchash, params.buffer, src_blocks, true) == 0) { // If source and target blocks overlap, stash the source blocks so we can // resume from possible write errors - if (*overlap) { - fprintf(stderr, "stashing %d overlapping blocks to %s\n", *src_blocks, - srchash); + if (overlap) { + fprintf(stderr, "stashing %zu overlapping blocks to %s\n", src_blocks, srchash); - if (WriteStash(params->stashbase, srchash, *src_blocks, params->buffer, true, - &stash_exists) != 0) { + bool stash_exists = false; + if (WriteStash(params.stashbase, std::string(srchash), src_blocks, params.buffer, true, + &stash_exists) != 0) { fprintf(stderr, "failed to stash overlapping source blocks\n"); - goto v3out; + return -1; } // Can be deleted when the write has completed if (!stash_exists) { - params->freestash = srchash; + params.freestash = srchash; } } // Source blocks have expected content, command can proceed - rc = 0; - goto v3out; + return 0; } - if (*overlap && LoadStash(params->stashbase, srchash, 1, NULL, ¶ms->buffer, - ¶ms->bufsize, true) == 0) { + if (overlap && LoadStash(params.stashbase, std::string(srchash), true, nullptr, ¶ms.buffer, + ¶ms.bufsize, true) == 0) { // Overlapping source blocks were previously stashed, command can proceed. // We are recovering from an interrupted command, so we don't know if the // stash can safely be deleted after this command. - rc = 0; - goto v3out; + return 0; } // Valid source data not available, update cannot be resumed fprintf(stderr, "partition has unexpected contents\n"); - params->isunresumable = true; - -v3out: - if (tgtbuffer) { - free(tgtbuffer); - } + params.isunresumable = true; - return rc; + return -1; } -static int PerformCommandMove(CommandParameters* params) { - int blocks = 0; +static int PerformCommandMove(CommandParameters& params) { + size_t blocks = 0; bool overlap = false; - int rc = -1; int status = 0; - RangeSet* tgt = NULL; + RangeSet tgt; - if (!params) { - goto pcmout; - } - - if (params->version == 1) { - status = LoadSrcTgtVersion1(¶ms->cpos, &tgt, &blocks, ¶ms->buffer, - ¶ms->bufsize, params->fd); - } else if (params->version == 2) { - status = LoadSrcTgtVersion2(¶ms->cpos, &tgt, &blocks, ¶ms->buffer, - ¶ms->bufsize, params->fd, params->stashbase, NULL); - } else if (params->version >= 3) { - status = LoadSrcTgtVersion3(params, &tgt, &blocks, 1, &overlap); + if (params.version == 1) { + status = LoadSrcTgtVersion1(¶ms.cpos, &tgt, blocks, ¶ms.buffer, + ¶ms.bufsize, params.fd); + } else if (params.version == 2) { + status = LoadSrcTgtVersion2(¶ms.cpos, &tgt, blocks, ¶ms.buffer, + ¶ms.bufsize, params.fd, params.stashbase, nullptr); + } else if (params.version >= 3) { + status = LoadSrcTgtVersion3(params, &tgt, blocks, true, overlap); } if (status == -1) { fprintf(stderr, "failed to read blocks for move\n"); - goto pcmout; + return -1; } if (status == 0) { - params->foundwrites = 1; - } else if (params->foundwrites) { - fprintf(stderr, "warning: commands executed out of order [%s]\n", params->cmdname); + params.foundwrites = true; + } else if (params.foundwrites) { + fprintf(stderr, "warning: commands executed out of order [%s]\n", params.cmdname); } - if (params->canwrite) { + if (params.canwrite) { if (status == 0) { - fprintf(stderr, " moving %d blocks\n", blocks); + fprintf(stderr, " moving %zu blocks\n", blocks); - if (WriteBlocks(tgt, params->buffer, params->fd) == -1) { - goto pcmout; + if (WriteBlocks(tgt, params.buffer, params.fd) == -1) { + return -1; } } else { - fprintf(stderr, "skipping %d already moved blocks\n", blocks); + fprintf(stderr, "skipping %zu already moved blocks\n", blocks); } } - if (params->freestash) { - FreeStash(params->stashbase, params->freestash); - params->freestash = NULL; + if (params.freestash) { + FreeStash(params.stashbase, params.freestash); + params.freestash = nullptr; } - params->written += tgt->size; - rc = 0; + params.written += tgt.size; -pcmout: - if (tgt) { - free(tgt); - } - - return rc; + return 0; } -static int PerformCommandStash(CommandParameters* params) { - if (!params) { - return -1; - } - - return SaveStash(params->stashbase, ¶ms->cpos, ¶ms->buffer, ¶ms->bufsize, - params->fd, (params->version >= 3)); +static int PerformCommandStash(CommandParameters& params) { + return SaveStash(params.stashbase, ¶ms.cpos, ¶ms.buffer, ¶ms.bufsize, + params.fd, (params.version >= 3)); } -static int PerformCommandFree(CommandParameters* params) { - if (!params) { - return -1; - } - - if (params->createdstash || params->canwrite) { - return FreeStash(params->stashbase, params->cpos); +static int PerformCommandFree(CommandParameters& params) { + if (params.createdstash || params.canwrite) { + return FreeStash(params.stashbase, params.cpos); } return 0; } -static int PerformCommandZero(CommandParameters* params) { - char* range = NULL; - int rc = -1; - RangeSet* tgt = NULL; +static int PerformCommandZero(CommandParameters& params) { + char* range = strtok_r(nullptr, " ", ¶ms.cpos); - if (!params) { - goto pczout; - } - - range = strtok_r(NULL, " ", ¶ms->cpos); - - if (range == NULL) { + if (range == nullptr) { fprintf(stderr, "missing target blocks for zero\n"); - goto pczout; + return -1; } - tgt = parse_range(range); + RangeSet tgt; + parse_range(range, tgt); - fprintf(stderr, " zeroing %d blocks\n", tgt->size); + fprintf(stderr, " zeroing %zu blocks\n", tgt.size); - allocate(BLOCKSIZE, ¶ms->buffer, ¶ms->bufsize); - memset(params->buffer, 0, BLOCKSIZE); + allocate(BLOCKSIZE, ¶ms.buffer, ¶ms.bufsize); + memset(params.buffer, 0, BLOCKSIZE); - if (params->canwrite) { - for (size_t i = 0; i < tgt->count; ++i) { - if (!check_lseek(params->fd, (off64_t) tgt->pos[i * 2] * BLOCKSIZE, SEEK_SET)) { - goto pczout; + if (params.canwrite) { + for (size_t i = 0; i < tgt.count; ++i) { + if (!check_lseek(params.fd, (off64_t) tgt.pos[i * 2] * BLOCKSIZE, SEEK_SET)) { + return -1; } - for (size_t j = tgt->pos[i * 2]; j < tgt->pos[i * 2 + 1]; ++j) { - if (write_all(params->fd, params->buffer, BLOCKSIZE) == -1) { - goto pczout; + for (size_t j = tgt.pos[i * 2]; j < tgt.pos[i * 2 + 1]; ++j) { + if (write_all(params.fd, params.buffer, BLOCKSIZE) == -1) { + return -1; } } } } - if (params->cmdname[0] == 'z') { + if (params.cmdname[0] == 'z') { // Update only for the zero command, as the erase command will call // this if DEBUG_ERASE is defined. - params->written += tgt->size; - } - - rc = 0; - -pczout: - if (tgt) { - free(tgt); + params.written += tgt.size; } - return rc; + return 0; } -static int PerformCommandNew(CommandParameters* params) { - char* range = NULL; - int rc = -1; - RangeSet* tgt = NULL; - RangeSinkState rss; +static int PerformCommandNew(CommandParameters& params) { + char* range = strtok_r(nullptr, " ", ¶ms.cpos); - if (!params) { - goto pcnout; - } - - range = strtok_r(NULL, " ", ¶ms->cpos); - - if (range == NULL) { - goto pcnout; + if (range == nullptr) { + return -1; } - tgt = parse_range(range); + RangeSet tgt; + parse_range(range, tgt); - if (params->canwrite) { - fprintf(stderr, " writing %d blocks of new data\n", tgt->size); + if (params.canwrite) { + fprintf(stderr, " writing %zu blocks of new data\n", tgt.size); - rss.fd = params->fd; - rss.tgt = tgt; + RangeSinkState rss(tgt); + rss.fd = params.fd; rss.p_block = 0; - rss.p_remain = (tgt->pos[1] - tgt->pos[0]) * BLOCKSIZE; + rss.p_remain = (tgt.pos[1] - tgt.pos[0]) * BLOCKSIZE; - if (!check_lseek(params->fd, (off64_t) tgt->pos[0] * BLOCKSIZE, SEEK_SET)) { - goto pcnout; + if (!check_lseek(params.fd, (off64_t) tgt.pos[0] * BLOCKSIZE, SEEK_SET)) { + return -1; } - pthread_mutex_lock(¶ms->nti.mu); - params->nti.rss = &rss; - pthread_cond_broadcast(¶ms->nti.cv); + pthread_mutex_lock(¶ms.nti.mu); + params.nti.rss = &rss; + pthread_cond_broadcast(¶ms.nti.cv); - while (params->nti.rss) { - pthread_cond_wait(¶ms->nti.cv, ¶ms->nti.mu); + while (params.nti.rss) { + pthread_cond_wait(¶ms.nti.cv, ¶ms.nti.mu); } - pthread_mutex_unlock(¶ms->nti.mu); + pthread_mutex_unlock(¶ms.nti.mu); } - params->written += tgt->size; - rc = 0; - -pcnout: - if (tgt) { - free(tgt); - } + params.written += tgt.size; - return rc; + return 0; } -static int PerformCommandDiff(CommandParameters* params) { - char* logparams = NULL; - char* value = NULL; - int blocks = 0; +static int PerformCommandDiff(CommandParameters& params) { + char* value = nullptr; bool overlap = false; - int rc = -1; - int status = 0; - RangeSet* tgt = NULL; - RangeSinkState rss; - size_t len = 0; - size_t offset = 0; - Value patch_value; + RangeSet tgt; - if (!params) { - goto pcdout; - } + const std::string logparams(params.cpos); + value = strtok_r(nullptr, " ", ¶ms.cpos); - logparams = strdup(params->cpos); - value = strtok_r(NULL, " ", ¶ms->cpos); - - if (value == NULL) { - fprintf(stderr, "missing patch offset for %s\n", params->cmdname); - goto pcdout; + if (value == nullptr) { + fprintf(stderr, "missing patch offset for %s\n", params.cmdname); + return -1; } - offset = strtoul(value, NULL, 0); + size_t offset = strtoul(value, nullptr, 0); - value = strtok_r(NULL, " ", ¶ms->cpos); + value = strtok_r(nullptr, " ", ¶ms.cpos); - if (value == NULL) { - fprintf(stderr, "missing patch length for %s\n", params->cmdname); - goto pcdout; + if (value == nullptr) { + fprintf(stderr, "missing patch length for %s\n", params.cmdname); + return -1; } - len = strtoul(value, NULL, 0); + size_t len = strtoul(value, nullptr, 0); - if (params->version == 1) { - status = LoadSrcTgtVersion1(¶ms->cpos, &tgt, &blocks, ¶ms->buffer, - ¶ms->bufsize, params->fd); - } else if (params->version == 2) { - status = LoadSrcTgtVersion2(¶ms->cpos, &tgt, &blocks, ¶ms->buffer, - ¶ms->bufsize, params->fd, params->stashbase, NULL); - } else if (params->version >= 3) { - status = LoadSrcTgtVersion3(params, &tgt, &blocks, 0, &overlap); + size_t blocks = 0; + int status = 0; + if (params.version == 1) { + status = LoadSrcTgtVersion1(¶ms.cpos, &tgt, blocks, ¶ms.buffer, + ¶ms.bufsize, params.fd); + } else if (params.version == 2) { + status = LoadSrcTgtVersion2(¶ms.cpos, &tgt, blocks, ¶ms.buffer, + ¶ms.bufsize, params.fd, params.stashbase, nullptr); + } else if (params.version >= 3) { + status = LoadSrcTgtVersion3(params, &tgt, blocks, false, overlap); } if (status == -1) { fprintf(stderr, "failed to read blocks for diff\n"); - goto pcdout; + return -1; } if (status == 0) { - params->foundwrites = 1; - } else if (params->foundwrites) { - fprintf(stderr, "warning: commands executed out of order [%s]\n", params->cmdname); + params.foundwrites = true; + } else if (params.foundwrites) { + fprintf(stderr, "warning: commands executed out of order [%s]\n", params.cmdname); } - if (params->canwrite) { + if (params.canwrite) { if (status == 0) { - fprintf(stderr, "patching %d blocks to %d\n", blocks, tgt->size); + fprintf(stderr, "patching %zu blocks to %zu\n", blocks, tgt.size); + Value patch_value; patch_value.type = VAL_BLOB; patch_value.size = len; - patch_value.data = (char*) (params->patch_start + offset); + patch_value.data = (char*) (params.patch_start + offset); - rss.fd = params->fd; - rss.tgt = tgt; + RangeSinkState rss(tgt); + rss.fd = params.fd; rss.p_block = 0; - rss.p_remain = (tgt->pos[1] - tgt->pos[0]) * BLOCKSIZE; + rss.p_remain = (tgt.pos[1] - tgt.pos[0]) * BLOCKSIZE; - if (!check_lseek(params->fd, (off64_t) tgt->pos[0] * BLOCKSIZE, SEEK_SET)) { - goto pcdout; + if (!check_lseek(params.fd, (off64_t) tgt.pos[0] * BLOCKSIZE, SEEK_SET)) { + return -1; } - if (params->cmdname[0] == 'i') { // imgdiff - ApplyImagePatch(params->buffer, blocks * BLOCKSIZE, &patch_value, - &RangeSinkWrite, &rss, NULL, NULL); + if (params.cmdname[0] == 'i') { // imgdiff + ApplyImagePatch(params.buffer, blocks * BLOCKSIZE, &patch_value, + &RangeSinkWrite, &rss, nullptr, nullptr); } else { - ApplyBSDiffPatch(params->buffer, blocks * BLOCKSIZE, &patch_value, - 0, &RangeSinkWrite, &rss, NULL); + ApplyBSDiffPatch(params.buffer, blocks * BLOCKSIZE, &patch_value, + 0, &RangeSinkWrite, &rss, nullptr); } // We expect the output of the patcher to fill the tgt ranges exactly. - if (rss.p_block != tgt->count || rss.p_remain != 0) { + if (rss.p_block != tgt.count || rss.p_remain != 0) { fprintf(stderr, "range sink underrun?\n"); } } else { - fprintf(stderr, "skipping %d blocks already patched to %d [%s]\n", - blocks, tgt->size, logparams); + fprintf(stderr, "skipping %zu blocks already patched to %zu [%s]\n", + blocks, tgt.size, logparams.c_str()); } } - if (params->freestash) { - FreeStash(params->stashbase, params->freestash); - params->freestash = NULL; + if (params.freestash) { + FreeStash(params.stashbase, params.freestash); + params.freestash = nullptr; } - params->written += tgt->size; - rc = 0; + params.written += tgt.size; -pcdout: - if (logparams) { - free(logparams); - } - - if (tgt) { - free(tgt); - } - - return rc; + return 0; } -static int PerformCommandErase(CommandParameters* params) { - char* range = NULL; - int rc = -1; - RangeSet* tgt = NULL; - struct stat st; - uint64_t blocks[2]; - +static int PerformCommandErase(CommandParameters& params) { if (DEBUG_ERASE) { return PerformCommandZero(params); } - if (!params) { - goto pceout; - } - - if (fstat(params->fd, &st) == -1) { + struct stat sb; + if (fstat(params.fd, &sb) == -1) { fprintf(stderr, "failed to fstat device to erase: %s\n", strerror(errno)); - goto pceout; + return -1; } - if (!S_ISBLK(st.st_mode)) { + if (!S_ISBLK(sb.st_mode)) { fprintf(stderr, "not a block device; skipping erase\n"); - goto pceout; + return -1; } - range = strtok_r(NULL, " ", ¶ms->cpos); + char* range = strtok_r(nullptr, " ", ¶ms.cpos); - if (range == NULL) { + if (range == nullptr) { fprintf(stderr, "missing target blocks for erase\n"); - goto pceout; + return -1; } - tgt = parse_range(range); + RangeSet tgt; + parse_range(range, tgt); - if (params->canwrite) { - fprintf(stderr, " erasing %d blocks\n", tgt->size); + if (params.canwrite) { + fprintf(stderr, " erasing %zu blocks\n", tgt.size); - for (size_t i = 0; i < tgt->count; ++i) { + for (size_t i = 0; i < tgt.count; ++i) { + uint64_t blocks[2]; // offset in bytes - blocks[0] = tgt->pos[i * 2] * (uint64_t) BLOCKSIZE; + blocks[0] = tgt.pos[i * 2] * (uint64_t) BLOCKSIZE; // length in bytes - blocks[1] = (tgt->pos[i * 2 + 1] - tgt->pos[i * 2]) * (uint64_t) BLOCKSIZE; + blocks[1] = (tgt.pos[i * 2 + 1] - tgt.pos[i * 2]) * (uint64_t) BLOCKSIZE; - if (ioctl(params->fd, BLKDISCARD, &blocks) == -1) { + if (ioctl(params.fd, BLKDISCARD, &blocks) == -1) { fprintf(stderr, "BLKDISCARD ioctl failed: %s\n", strerror(errno)); - goto pceout; + return -1; } } } - rc = 0; - -pceout: - if (tgt) { - free(tgt); - } - - return rc; + return 0; } // Definitions for transfer list command functions -typedef int (*CommandFunction)(CommandParameters*); +typedef int (*CommandFunction)(CommandParameters&); typedef struct { const char* name; @@ -1457,32 +1297,28 @@ static unsigned int HashString(const char *s) { // - new data stream (filename within package.zip) // - patch stream (filename within package.zip, must be uncompressed) -static Value* PerformBlockImageUpdate(const char* name, State* state, int argc, Expr* argv[], - const Command* commands, int cmdcount, bool dryrun) { +static Value* PerformBlockImageUpdate(const char* name, State* state, int /* argc */, Expr* argv[], + const Command* commands, size_t cmdcount, bool dryrun) { - char* line = NULL; - char* linesave = NULL; - char* logcmd = NULL; - char* transfer_list = NULL; + char* line = nullptr; + char* linesave = nullptr; + char* transfer_list = nullptr; CommandParameters params; - const Command* cmd = NULL; - const ZipEntry* new_entry = NULL; - const ZipEntry* patch_entry = NULL; - FILE* cmd_pipe = NULL; - HashTable* cmdht = NULL; - int i; + const Command* cmd = nullptr; + const ZipEntry* new_entry = nullptr; + const ZipEntry* patch_entry = nullptr; + FILE* cmd_pipe = nullptr; + HashTable* cmdht = nullptr; int res; int rc = -1; - int stash_max_blocks = 0; int total_blocks = 0; pthread_attr_t attr; - unsigned int cmdhash; - UpdaterInfo* ui = NULL; - Value* blockdev_filename = NULL; - Value* new_data_fn = NULL; - Value* patch_data_fn = NULL; - Value* transfer_list_value = NULL; - ZipArchive* za = NULL; + UpdaterInfo* ui = nullptr; + Value* blockdev_filename = nullptr; + Value* new_data_fn = nullptr; + Value* patch_data_fn = nullptr; + Value* transfer_list_value = nullptr; + ZipArchive* za = nullptr; memset(¶ms, 0, sizeof(params)); params.canwrite = !dryrun; @@ -1513,20 +1349,20 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int argc, ui = (UpdaterInfo*) state->cookie; - if (ui == NULL) { + if (ui == nullptr) { goto pbiudone; } cmd_pipe = ui->cmd_pipe; za = ui->package_zip; - if (cmd_pipe == NULL || za == NULL) { + if (cmd_pipe == nullptr || za == nullptr) { goto pbiudone; } patch_entry = mzFindZipEntry(za, patch_data_fn->data); - if (patch_entry == NULL) { + if (patch_entry == nullptr) { fprintf(stderr, "%s(): no file \"%s\" in package", name, patch_data_fn->data); goto pbiudone; } @@ -1534,7 +1370,7 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int argc, params.patch_start = ui->package_zip_addr + mzGetZipEntryOffset(patch_entry); new_entry = mzFindZipEntry(za, new_data_fn->data); - if (new_entry == NULL) { + if (new_entry == nullptr) { fprintf(stderr, "%s(): no file \"%s\" in package", name, new_data_fn->data); goto pbiudone; } @@ -1550,8 +1386,8 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int argc, params.nti.za = za; params.nti.entry = new_entry; - pthread_mutex_init(¶ms.nti.mu, NULL); - pthread_cond_init(¶ms.nti.cv, NULL); + pthread_mutex_init(¶ms.nti.mu, nullptr); + pthread_cond_init(¶ms.nti.cv, nullptr); pthread_attr_init(&attr); pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_JOINABLE); @@ -1566,7 +1402,7 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int argc, // to copy it to a new buffer and add the null that strtok_r will need. transfer_list = reinterpret_cast(malloc(transfer_list_value->size + 1)); - if (transfer_list == NULL) { + if (transfer_list == nullptr) { fprintf(stderr, "failed to allocate %zd bytes for transfer list\n", transfer_list_value->size + 1); goto pbiudone; @@ -1577,7 +1413,7 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int argc, // First line in transfer list is the version number line = strtok_r(transfer_list, "\n", &linesave); - params.version = strtol(line, NULL, 0); + params.version = strtol(line, nullptr, 0); if (params.version < 1 || params.version > 3) { fprintf(stderr, "unexpected transfer list version [%s]\n", line); @@ -1587,8 +1423,8 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int argc, fprintf(stderr, "blockimg version is %d\n", params.version); // Second line in transfer list is the total number of blocks we expect to write - line = strtok_r(NULL, "\n", &linesave); - total_blocks = strtol(line, NULL, 0); + line = strtok_r(nullptr, "\n", &linesave); + total_blocks = strtol(line, nullptr, 0); if (total_blocks < 0) { ErrorAbort(state, "unexpected block count [%s]\n", line); @@ -1600,12 +1436,12 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int argc, if (params.version >= 2) { // Third line is how many stash entries are needed simultaneously - line = strtok_r(NULL, "\n", &linesave); + line = strtok_r(nullptr, "\n", &linesave); fprintf(stderr, "maximum stash entries %s\n", line); // Fourth line is the maximum number of blocks that will be stashed simultaneously - line = strtok_r(NULL, "\n", &linesave); - stash_max_blocks = strtol(line, NULL, 0); + line = strtok_r(nullptr, "\n", &linesave); + int stash_max_blocks = strtol(line, nullptr, 0); if (stash_max_blocks < 0) { ErrorAbort(state, "unexpected maximum stash blocks [%s]\n", line); @@ -1624,45 +1460,39 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int argc, } // Build a hash table of the available commands - cmdht = mzHashTableCreate(cmdcount, NULL); + cmdht = mzHashTableCreate(cmdcount, nullptr); - for (i = 0; i < cmdcount; ++i) { - cmdhash = HashString(commands[i].name); + for (size_t i = 0; i < cmdcount; ++i) { + unsigned int cmdhash = HashString(commands[i].name); mzHashTableLookup(cmdht, cmdhash, (void*) &commands[i], CompareCommands, true); } // Subsequent lines are all individual transfer commands - for (line = strtok_r(NULL, "\n", &linesave); line; - line = strtok_r(NULL, "\n", &linesave)) { + for (line = strtok_r(nullptr, "\n", &linesave); line; + line = strtok_r(nullptr, "\n", &linesave)) { - logcmd = strdup(line); + const std::string logcmd(line); params.cmdname = strtok_r(line, " ", ¶ms.cpos); - if (params.cmdname == NULL) { + if (params.cmdname == nullptr) { fprintf(stderr, "missing command [%s]\n", line); goto pbiudone; } - cmdhash = HashString(params.cmdname); + unsigned int cmdhash = HashString(params.cmdname); cmd = (const Command*) mzHashTableLookup(cmdht, cmdhash, params.cmdname, CompareCommandNames, false); - if (cmd == NULL) { + if (cmd == nullptr) { fprintf(stderr, "unexpected command [%s]\n", params.cmdname); goto pbiudone; } - if (cmd->f != NULL && cmd->f(¶ms) == -1) { - fprintf(stderr, "failed to execute command [%s]\n", - logcmd ? logcmd : params.cmdname); + if (cmd->f != nullptr && cmd->f(params) == -1) { + fprintf(stderr, "failed to execute command [%s]\n", logcmd.c_str()); goto pbiudone; } - if (logcmd) { - free(logcmd); - logcmd = NULL; - } - if (params.canwrite) { if (fsync(params.fd) == -1) { fprintf(stderr, "fsync failed: %s\n", strerror(errno)); @@ -1674,9 +1504,9 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int argc, } if (params.canwrite) { - pthread_join(params.thread, NULL); + pthread_join(params.thread, nullptr); - fprintf(stderr, "wrote %d blocks; expected %d\n", params.written, total_blocks); + fprintf(stderr, "wrote %zu blocks; expected %d\n", params.written, total_blocks); fprintf(stderr, "max alloc needed was %zu\n", params.bufsize); // Delete stash only after successfully completing the update, as it @@ -1696,10 +1526,6 @@ pbiudone: close(params.fd); } - if (logcmd) { - free(logcmd); - } - if (cmdht) { mzHashTableFree(cmdht); } @@ -1791,16 +1617,16 @@ pbiudone: // the source data. Value* BlockImageVerifyFn(const char* name, State* state, int argc, Expr* argv[]) { - // Commands which are not tested are set to NULL to skip them completely + // Commands which are not tested are set to nullptr to skip them completely const Command commands[] = { { "bsdiff", PerformCommandDiff }, - { "erase", NULL }, + { "erase", nullptr }, { "free", PerformCommandFree }, { "imgdiff", PerformCommandDiff }, { "move", PerformCommandMove }, - { "new", NULL }, + { "new", nullptr }, { "stash", PerformCommandStash }, - { "zero", NULL } + { "zero", nullptr } }; // Perform a dry run without writing to test if an update can proceed @@ -1824,12 +1650,14 @@ Value* BlockImageUpdateFn(const char* name, State* state, int argc, Expr* argv[] sizeof(commands) / sizeof(commands[0]), false); } -Value* RangeSha1Fn(const char* name, State* state, int argc, Expr* argv[]) { +Value* RangeSha1Fn(const char* name, State* state, int /* argc */, Expr* argv[]) { Value* blockdev_filename; Value* ranges; - const uint8_t* digest = NULL; + const uint8_t* digest = nullptr; + RangeSet rs; + if (ReadValueArgs(state, argv, 2, &blockdev_filename, &ranges) < 0) { - return NULL; + return nullptr; } if (blockdev_filename->type != VAL_STRING) { @@ -1848,24 +1676,23 @@ Value* RangeSha1Fn(const char* name, State* state, int argc, Expr* argv[]) { goto done; } - RangeSet* rs; - rs = parse_range(ranges->data); + parse_range(ranges->data, rs); uint8_t buffer[BLOCKSIZE]; SHA_CTX ctx; SHA_init(&ctx); - for (size_t i = 0; i < rs->count; ++i) { - if (!check_lseek(fd, (off64_t)rs->pos[i*2] * BLOCKSIZE, SEEK_SET)) { + for (size_t i = 0; i < rs.count; ++i) { + if (!check_lseek(fd, (off64_t)rs.pos[i*2] * BLOCKSIZE, SEEK_SET)) { ErrorAbort(state, "failed to seek %s: %s", blockdev_filename->data, - strerror(errno)); + strerror(errno)); goto done; } - for (size_t j = rs->pos[i*2]; j < rs->pos[i*2+1]; ++j) { + for (size_t j = rs.pos[i*2]; j < rs.pos[i*2+1]; ++j) { if (read_all(fd, buffer, BLOCKSIZE) == -1) { ErrorAbort(state, "failed to read %s: %s", blockdev_filename->data, - strerror(errno)); + strerror(errno)); goto done; } @@ -1878,7 +1705,7 @@ Value* RangeSha1Fn(const char* name, State* state, int argc, Expr* argv[]) { done: FreeValue(blockdev_filename); FreeValue(ranges); - if (digest == NULL) { + if (digest == nullptr) { return StringValue(strdup("")); } else { return StringValue(strdup(print_sha1(digest).c_str())); -- cgit v1.2.3 From 34847b2c70b7ce0483d8bf9c2d66c8f7d6ab62e9 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Tue, 8 Sep 2015 11:05:49 -0700 Subject: updater: Replace the pointers in LoadSrcTgtVersion[1-3]() parameter. And inline the call to LoadSrcTgtVersion1() into SaveStash(). Change-Id: Ibf4ef2bfa2cc62df59c4e8de99fd7d8039e71ecf --- updater/blockimg.cpp | 55 +++++++++++++++++++++++++--------------------------- 1 file changed, 26 insertions(+), 29 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index 5f5f9bd72..091bedf53 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -378,19 +378,16 @@ static int WriteBlocks(const RangeSet& tgt, uint8_t* buffer, int fd) { // // // The source range is loaded into the provided buffer, reallocating -// it to make it larger if necessary. The target ranges are returned -// in *tgt, if tgt is non-null. +// it to make it larger if necessary. -static int LoadSrcTgtVersion1(char** wordsave, RangeSet* tgt, size_t& src_blocks, +static int LoadSrcTgtVersion1(char** wordsave, RangeSet& tgt, size_t& src_blocks, uint8_t** buffer, size_t* buffer_alloc, int fd) { char* word = strtok_r(nullptr, " ", wordsave); RangeSet src; parse_range(word, src); - if (tgt != nullptr) { - word = strtok_r(nullptr, " ", wordsave); - parse_range(word, *tgt); - } + word = strtok_r(nullptr, " ", wordsave); + parse_range(word, tgt); allocate(src.size * BLOCKSIZE, buffer, buffer_alloc); int rc = ReadBlocks(src, *buffer, fd); @@ -730,9 +727,15 @@ static int SaveStash(const std::string& base, char** wordsave, uint8_t** buffer, return 0; } - if (LoadSrcTgtVersion1(wordsave, nullptr, blocks, buffer, buffer_alloc, fd) == -1) { + char* word = strtok_r(nullptr, " ", wordsave); + RangeSet src; + parse_range(word, src); + + allocate(src.size * BLOCKSIZE, buffer, buffer_alloc); + if (ReadBlocks(src, *buffer, fd) == -1) { return -1; } + blocks = src.size; if (usehash && VerifyBlocks(id, *buffer, blocks, true) != 0) { // Source blocks have unexpected contents. If we actually need this @@ -791,7 +794,7 @@ static void MoveRange(uint8_t* dest, const RangeSet& locs, const uint8_t* source // reallocated if needed to accommodate the source data. *tgt is the // target RangeSet. Any stashes required are loaded using LoadStash. -static int LoadSrcTgtVersion2(char** wordsave, RangeSet* tgt, size_t& src_blocks, uint8_t** buffer, +static int LoadSrcTgtVersion2(char** wordsave, RangeSet& tgt, size_t& src_blocks, uint8_t** buffer, size_t* buffer_alloc, int fd, const std::string& stashbase, bool* overlap) { char* word; char* colonsave; @@ -800,10 +803,8 @@ static int LoadSrcTgtVersion2(char** wordsave, RangeSet* tgt, size_t& src_blocks size_t stashalloc = 0; uint8_t* stash = nullptr; - if (tgt != nullptr) { - word = strtok_r(nullptr, " ", wordsave); - parse_range(word, *tgt); - } + word = strtok_r(nullptr, " ", wordsave); + parse_range(word, tgt); word = strtok_r(nullptr, " ", wordsave); src_blocks = strtol(word, nullptr, 0); @@ -818,8 +819,8 @@ static int LoadSrcTgtVersion2(char** wordsave, RangeSet* tgt, size_t& src_blocks parse_range(word, src); int res = ReadBlocks(src, *buffer, fd); - if (overlap && tgt) { - *overlap = range_overlaps(src, *tgt); + if (overlap) { + *overlap = range_overlaps(src, tgt); } if (res == -1) { @@ -902,13 +903,9 @@ struct CommandParameters { // If the return value is 0, source blocks have expected content and the command // can be performed. -static int LoadSrcTgtVersion3(CommandParameters& params, RangeSet* tgt, size_t& src_blocks, +static int LoadSrcTgtVersion3(CommandParameters& params, RangeSet& tgt, size_t& src_blocks, bool onehash, bool& overlap) { - if (!tgt) { - return -1; - } - char* srchash = strtok_r(nullptr, " ", ¶ms.cpos); if (srchash == nullptr) { fprintf(stderr, "missing source hash\n"); @@ -932,13 +929,13 @@ static int LoadSrcTgtVersion3(CommandParameters& params, RangeSet* tgt, size_t& return -1; } - std::vector tgtbuffer(tgt->size * BLOCKSIZE); + std::vector tgtbuffer(tgt.size * BLOCKSIZE); - if (ReadBlocks(*tgt, tgtbuffer.data(), params.fd) == -1) { + if (ReadBlocks(tgt, tgtbuffer.data(), params.fd) == -1) { return -1; } - if (VerifyBlocks(tgthash, tgtbuffer.data(), tgt->size, false) == 0) { + if (VerifyBlocks(tgthash, tgtbuffer.data(), tgt.size, false) == 0) { // Target blocks already have expected content, command should be skipped fprintf(stderr, "verified, to return 1"); return 1; @@ -989,13 +986,13 @@ static int PerformCommandMove(CommandParameters& params) { RangeSet tgt; if (params.version == 1) { - status = LoadSrcTgtVersion1(¶ms.cpos, &tgt, blocks, ¶ms.buffer, + status = LoadSrcTgtVersion1(¶ms.cpos, tgt, blocks, ¶ms.buffer, ¶ms.bufsize, params.fd); } else if (params.version == 2) { - status = LoadSrcTgtVersion2(¶ms.cpos, &tgt, blocks, ¶ms.buffer, + status = LoadSrcTgtVersion2(¶ms.cpos, tgt, blocks, ¶ms.buffer, ¶ms.bufsize, params.fd, params.stashbase, nullptr); } else if (params.version >= 3) { - status = LoadSrcTgtVersion3(params, &tgt, blocks, true, overlap); + status = LoadSrcTgtVersion3(params, tgt, blocks, true, overlap); } if (status == -1) { @@ -1149,13 +1146,13 @@ static int PerformCommandDiff(CommandParameters& params) { size_t blocks = 0; int status = 0; if (params.version == 1) { - status = LoadSrcTgtVersion1(¶ms.cpos, &tgt, blocks, ¶ms.buffer, + status = LoadSrcTgtVersion1(¶ms.cpos, tgt, blocks, ¶ms.buffer, ¶ms.bufsize, params.fd); } else if (params.version == 2) { - status = LoadSrcTgtVersion2(¶ms.cpos, &tgt, blocks, ¶ms.buffer, + status = LoadSrcTgtVersion2(¶ms.cpos, tgt, blocks, ¶ms.buffer, ¶ms.bufsize, params.fd, params.stashbase, nullptr); } else if (params.version >= 3) { - status = LoadSrcTgtVersion3(params, &tgt, blocks, false, overlap); + status = LoadSrcTgtVersion3(params, tgt, blocks, false, overlap); } if (status == -1) { -- cgit v1.2.3 From 612336ddc1108c3adf43f309a326111cf01b4bcd Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Thu, 27 Aug 2015 16:41:21 -0700 Subject: updater: Manage buffers with std::vector. Change-Id: Ide489e18dd8daf161b612f65b28921b61cdd8d8d --- updater/blockimg.cpp | 396 ++++++++++++++++++++++----------------------------- 1 file changed, 168 insertions(+), 228 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index 091bedf53..6111d0d1e 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -162,6 +162,10 @@ static int read_all(int fd, uint8_t* data, size_t size) { return 0; } +static int read_all(int fd, std::vector& buffer, size_t size) { + return read_all(fd, buffer.data(), size); +} + static int write_all(int fd, const uint8_t* data, size_t size) { size_t written = 0; while (written < size) { @@ -176,6 +180,10 @@ static int write_all(int fd, const uint8_t* data, size_t size) { return 0; } +static int write_all(int fd, const std::vector& buffer, size_t size) { + return write_all(fd, buffer.data(), size); +} + static bool check_lseek(int fd, off64_t offset, int whence) { off64_t rc = TEMP_FAILURE_RETRY(lseek64(fd, offset, whence)); if (rc == -1) { @@ -185,18 +193,11 @@ static bool check_lseek(int fd, off64_t offset, int whence) { return true; } -static void allocate(size_t size, uint8_t** buffer, size_t* buffer_alloc) { +static void allocate(size_t size, std::vector& buffer) { // if the buffer's big enough, reuse it. - if (size <= *buffer_alloc) return; - - free(*buffer); + if (size <= buffer.size()) return; - *buffer = (uint8_t*) malloc(size); - if (*buffer == nullptr) { - fprintf(stderr, "failed to allocate %zu bytes\n", size); - exit(1); - } - *buffer_alloc = size; + buffer.resize(size); } struct RangeSinkState { @@ -324,12 +325,9 @@ static void* unzip_new_data(void* cookie) { return nullptr; } -static int ReadBlocks(const RangeSet& src, uint8_t* buffer, int fd) { +static int ReadBlocks(const RangeSet& src, std::vector& buffer, int fd) { size_t p = 0; - - if (!buffer) { - return -1; - } + uint8_t* data = buffer.data(); for (size_t i = 0; i < src.count; ++i) { if (!check_lseek(fd, (off64_t) src.pos[i * 2] * BLOCKSIZE, SEEK_SET)) { @@ -338,7 +336,7 @@ static int ReadBlocks(const RangeSet& src, uint8_t* buffer, int fd) { size_t size = (src.pos[i * 2 + 1] - src.pos[i * 2]) * BLOCKSIZE; - if (read_all(fd, buffer + p, size) == -1) { + if (read_all(fd, data + p, size) == -1) { return -1; } @@ -348,10 +346,8 @@ static int ReadBlocks(const RangeSet& src, uint8_t* buffer, int fd) { return 0; } -static int WriteBlocks(const RangeSet& tgt, uint8_t* buffer, int fd) { - if (!buffer) { - return -1; - } +static int WriteBlocks(const RangeSet& tgt, const std::vector& buffer, int fd) { + const uint8_t* data = buffer.data(); size_t p = 0; for (size_t i = 0; i < tgt.count; ++i) { @@ -361,7 +357,7 @@ static int WriteBlocks(const RangeSet& tgt, uint8_t* buffer, int fd) { size_t size = (tgt.pos[i * 2 + 1] - tgt.pos[i * 2]) * BLOCKSIZE; - if (write_all(fd, buffer + p, size) == -1) { + if (write_all(fd, data + p, size) == -1) { return -1; } @@ -381,30 +377,29 @@ static int WriteBlocks(const RangeSet& tgt, uint8_t* buffer, int fd) { // it to make it larger if necessary. static int LoadSrcTgtVersion1(char** wordsave, RangeSet& tgt, size_t& src_blocks, - uint8_t** buffer, size_t* buffer_alloc, int fd) { + std::vector& buffer, int fd) { + // char* word = strtok_r(nullptr, " ", wordsave); RangeSet src; parse_range(word, src); + // word = strtok_r(nullptr, " ", wordsave); parse_range(word, tgt); - allocate(src.size * BLOCKSIZE, buffer, buffer_alloc); - int rc = ReadBlocks(src, *buffer, fd); + allocate(src.size * BLOCKSIZE, buffer); + int rc = ReadBlocks(src, buffer, fd); src_blocks = src.size; return rc; } -static int VerifyBlocks(const std::string& expected, const uint8_t* buffer, +static int VerifyBlocks(const std::string& expected, const std::vector& buffer, const size_t blocks, bool printerror) { uint8_t digest[SHA_DIGEST_SIZE]; + const uint8_t* data = buffer.data(); - if (!buffer) { - return -1; - } - - SHA_hash(buffer, blocks * BLOCKSIZE, digest); + SHA_hash(data, blocks * BLOCKSIZE, digest); std::string hexdigest = print_sha1(digest); @@ -516,8 +511,8 @@ static void DeleteStash(const std::string& base) { } static int LoadStash(const std::string& base, const std::string& id, bool verify, size_t* blocks, - uint8_t** buffer, size_t* buffer_alloc, bool printnoent) { - if (base.empty() || !buffer || !buffer_alloc) { + std::vector& buffer, bool printnoent) { + if (base.empty()) { return -1; } @@ -555,15 +550,15 @@ static int LoadStash(const std::string& base, const std::string& id, bool verify return -1; } - allocate(sb.st_size, buffer, buffer_alloc); + allocate(sb.st_size, buffer); - if (read_all(fd, *buffer, sb.st_size) == -1) { + if (read_all(fd, buffer, sb.st_size) == -1) { return -1; } *blocks = sb.st_size / BLOCKSIZE; - if (verify && VerifyBlocks(id, *buffer, *blocks, true) != 0) { + if (verify && VerifyBlocks(id, buffer, *blocks, true) != 0) { fprintf(stderr, "unexpected contents in %s\n", fn.c_str()); DeleteFile(fn, nullptr); return -1; @@ -572,9 +567,9 @@ static int LoadStash(const std::string& base, const std::string& id, bool verify return 0; } -static int WriteStash(const std::string& base, const std::string& id, int blocks, uint8_t* buffer, - bool checkspace, bool *exists) { - if (base.empty() || buffer == nullptr) { +static int WriteStash(const std::string& base, const std::string& id, int blocks, + std::vector& buffer, bool checkspace, bool *exists) { + if (base.empty()) { return -1; } @@ -706,9 +701,9 @@ static int CreateStash(State* state, int maxblocks, const char* blockdev, std::s return 0; // Using existing directory } -static int SaveStash(const std::string& base, char** wordsave, uint8_t** buffer, - size_t* buffer_alloc, int fd, bool usehash) { - if (!wordsave || !buffer || !buffer_alloc) { +static int SaveStash(const std::string& base, char** wordsave, std::vector& buffer, + int fd, bool usehash) { + if (!wordsave) { return -1; } @@ -720,7 +715,7 @@ static int SaveStash(const std::string& base, char** wordsave, uint8_t** buffer, std::string id(id_tok); size_t blocks = 0; - if (usehash && LoadStash(base, id, true, &blocks, buffer, buffer_alloc, false) == 0) { + if (usehash && LoadStash(base, id, true, &blocks, buffer, false) == 0) { // Stash file already exists and has expected contents. Do not // read from source again, as the source may have been already // overwritten during a previous attempt. @@ -731,13 +726,13 @@ static int SaveStash(const std::string& base, char** wordsave, uint8_t** buffer, RangeSet src; parse_range(word, src); - allocate(src.size * BLOCKSIZE, buffer, buffer_alloc); - if (ReadBlocks(src, *buffer, fd) == -1) { + allocate(src.size * BLOCKSIZE, buffer); + if (ReadBlocks(src, buffer, fd) == -1) { return -1; } blocks = src.size; - if (usehash && VerifyBlocks(id, *buffer, blocks, true) != 0) { + if (usehash && VerifyBlocks(id, buffer, blocks, true) != 0) { // Source blocks have unexpected contents. If we actually need this // data later, this is an unrecoverable error. However, the command // that uses the data may have already completed previously, so the @@ -747,7 +742,7 @@ static int SaveStash(const std::string& base, char** wordsave, uint8_t** buffer, } fprintf(stderr, "stashing %zu blocks to %s\n", blocks, id.c_str()); - return WriteStash(base, id, blocks, *buffer, false, nullptr); + return WriteStash(base, id, blocks, buffer, false, nullptr); } static int FreeStash(const std::string& base, const char* id) { @@ -762,16 +757,19 @@ static int FreeStash(const std::string& base, const char* id) { return 0; } -static void MoveRange(uint8_t* dest, const RangeSet& locs, const uint8_t* source) { +static void MoveRange(std::vector& dest, const RangeSet& locs, + const std::vector& source) { // source contains packed data, which we want to move to the - // locations given in *locs in the dest buffer. source and dest + // locations given in locs in the dest buffer. source and dest // may be the same buffer. + const uint8_t* from = source.data(); + uint8_t* to = dest.data(); size_t start = locs.size; for (int i = locs.count-1; i >= 0; --i) { size_t blocks = locs.pos[i*2+1] - locs.pos[i*2]; start -= blocks; - memmove(dest + (locs.pos[i*2] * BLOCKSIZE), source + (start * BLOCKSIZE), + memmove(to + (locs.pos[i*2] * BLOCKSIZE), from + (start * BLOCKSIZE), blocks * BLOCKSIZE); } } @@ -794,30 +792,26 @@ static void MoveRange(uint8_t* dest, const RangeSet& locs, const uint8_t* source // reallocated if needed to accommodate the source data. *tgt is the // target RangeSet. Any stashes required are loaded using LoadStash. -static int LoadSrcTgtVersion2(char** wordsave, RangeSet& tgt, size_t& src_blocks, uint8_t** buffer, - size_t* buffer_alloc, int fd, const std::string& stashbase, bool* overlap) { - char* word; - char* colonsave; - char* colon; - RangeSet locs; - size_t stashalloc = 0; - uint8_t* stash = nullptr; - - word = strtok_r(nullptr, " ", wordsave); +static int LoadSrcTgtVersion2(char** wordsave, RangeSet& tgt, size_t& src_blocks, + std::vector& buffer, int fd, const std::string& stashbase, bool* overlap) { + // + char* word = strtok_r(nullptr, " ", wordsave); parse_range(word, tgt); + // word = strtok_r(nullptr, " ", wordsave); src_blocks = strtol(word, nullptr, 0); - allocate(src_blocks * BLOCKSIZE, buffer, buffer_alloc); + allocate(src_blocks * BLOCKSIZE, buffer); + // "-" or [] word = strtok_r(nullptr, " ", wordsave); if (word[0] == '-' && word[1] == '\0') { // no source ranges, only stashes } else { RangeSet src; parse_range(word, src); - int res = ReadBlocks(src, *buffer, fd); + int res = ReadBlocks(src, buffer, fd); if (overlap) { *overlap = range_overlaps(src, tgt); @@ -833,18 +827,22 @@ static int LoadSrcTgtVersion2(char** wordsave, RangeSet& tgt, size_t& src_blocks return 0; } + RangeSet locs; parse_range(word, locs); - MoveRange(*buffer, locs, *buffer); + MoveRange(buffer, locs, buffer); } + // <[stash_id:stash-range]> + char* colonsave; while ((word = strtok_r(nullptr, " ", wordsave)) != nullptr) { // Each word is a an index into the stash table, a colon, and // then a rangeset describing where in the source block that // stashed data should go. colonsave = nullptr; - colon = strtok_r(word, ":", &colonsave); + char* colon = strtok_r(word, ":", &colonsave); - int res = LoadStash(stashbase, std::string(colon), false, nullptr, &stash, &stashalloc, true); + std::vector stash; + int res = LoadStash(stashbase, std::string(colon), false, nullptr, stash, true); if (res == -1) { // These source blocks will fail verification if used later, but we @@ -854,13 +852,10 @@ static int LoadSrcTgtVersion2(char** wordsave, RangeSet& tgt, size_t& src_blocks } colon = strtok_r(nullptr, ":", &colonsave); + RangeSet locs; parse_range(colon, locs); - MoveRange(*buffer, locs, stash); - } - - if (stash) { - free(stash); + MoveRange(buffer, locs, stash); } return 0; @@ -881,8 +876,7 @@ struct CommandParameters { size_t written; NewThreadInfo nti; pthread_t thread; - size_t bufsize; - uint8_t* buffer; + std::vector buffer; uint8_t* patch_start; }; @@ -924,20 +918,19 @@ static int LoadSrcTgtVersion3(CommandParameters& params, RangeSet& tgt, size_t& } } - if (LoadSrcTgtVersion2(¶ms.cpos, tgt, src_blocks, ¶ms.buffer, ¶ms.bufsize, - params.fd, params.stashbase, &overlap) == -1) { + if (LoadSrcTgtVersion2(¶ms.cpos, tgt, src_blocks, params.buffer, params.fd, + params.stashbase, &overlap) == -1) { return -1; } std::vector tgtbuffer(tgt.size * BLOCKSIZE); - if (ReadBlocks(tgt, tgtbuffer.data(), params.fd) == -1) { + if (ReadBlocks(tgt, tgtbuffer, params.fd) == -1) { return -1; } - if (VerifyBlocks(tgthash, tgtbuffer.data(), tgt.size, false) == 0) { + if (VerifyBlocks(tgthash, tgtbuffer, tgt.size, false) == 0) { // Target blocks already have expected content, command should be skipped - fprintf(stderr, "verified, to return 1"); return 1; } @@ -948,7 +941,7 @@ static int LoadSrcTgtVersion3(CommandParameters& params, RangeSet& tgt, size_t& fprintf(stderr, "stashing %zu overlapping blocks to %s\n", src_blocks, srchash); bool stash_exists = false; - if (WriteStash(params.stashbase, std::string(srchash), src_blocks, params.buffer, true, + if (WriteStash(params.stashbase, srchash, src_blocks, params.buffer, true, &stash_exists) != 0) { fprintf(stderr, "failed to stash overlapping source blocks\n"); return -1; @@ -964,8 +957,7 @@ static int LoadSrcTgtVersion3(CommandParameters& params, RangeSet& tgt, size_t& return 0; } - if (overlap && LoadStash(params.stashbase, std::string(srchash), true, nullptr, ¶ms.buffer, - ¶ms.bufsize, true) == 0) { + if (overlap && LoadStash(params.stashbase, srchash, true, nullptr, params.buffer, true) == 0) { // Overlapping source blocks were previously stashed, command can proceed. // We are recovering from an interrupted command, so we don't know if the // stash can safely be deleted after this command. @@ -986,11 +978,10 @@ static int PerformCommandMove(CommandParameters& params) { RangeSet tgt; if (params.version == 1) { - status = LoadSrcTgtVersion1(¶ms.cpos, tgt, blocks, ¶ms.buffer, - ¶ms.bufsize, params.fd); + status = LoadSrcTgtVersion1(¶ms.cpos, tgt, blocks, params.buffer, params.fd); } else if (params.version == 2) { - status = LoadSrcTgtVersion2(¶ms.cpos, tgt, blocks, ¶ms.buffer, - ¶ms.bufsize, params.fd, params.stashbase, nullptr); + status = LoadSrcTgtVersion2(¶ms.cpos, tgt, blocks, params.buffer, params.fd, + params.stashbase, nullptr); } else if (params.version >= 3) { status = LoadSrcTgtVersion3(params, tgt, blocks, true, overlap); } @@ -1030,8 +1021,8 @@ static int PerformCommandMove(CommandParameters& params) { } static int PerformCommandStash(CommandParameters& params) { - return SaveStash(params.stashbase, ¶ms.cpos, ¶ms.buffer, ¶ms.bufsize, - params.fd, (params.version >= 3)); + return SaveStash(params.stashbase, ¶ms.cpos, params.buffer, params.fd, + (params.version >= 3)); } static int PerformCommandFree(CommandParameters& params) { @@ -1055,8 +1046,8 @@ static int PerformCommandZero(CommandParameters& params) { fprintf(stderr, " zeroing %zu blocks\n", tgt.size); - allocate(BLOCKSIZE, ¶ms.buffer, ¶ms.bufsize); - memset(params.buffer, 0, BLOCKSIZE); + allocate(BLOCKSIZE, params.buffer); + memset(params.buffer.data(), 0, BLOCKSIZE); if (params.canwrite) { for (size_t i = 0; i < tgt.count; ++i) { @@ -1120,12 +1111,9 @@ static int PerformCommandNew(CommandParameters& params) { } static int PerformCommandDiff(CommandParameters& params) { - char* value = nullptr; - bool overlap = false; - RangeSet tgt; const std::string logparams(params.cpos); - value = strtok_r(nullptr, " ", ¶ms.cpos); + char* value = strtok_r(nullptr, " ", ¶ms.cpos); if (value == nullptr) { fprintf(stderr, "missing patch offset for %s\n", params.cmdname); @@ -1143,14 +1131,15 @@ static int PerformCommandDiff(CommandParameters& params) { size_t len = strtoul(value, nullptr, 0); + RangeSet tgt; size_t blocks = 0; + bool overlap = false; int status = 0; if (params.version == 1) { - status = LoadSrcTgtVersion1(¶ms.cpos, tgt, blocks, ¶ms.buffer, - ¶ms.bufsize, params.fd); + status = LoadSrcTgtVersion1(¶ms.cpos, tgt, blocks, params.buffer, params.fd); } else if (params.version == 2) { - status = LoadSrcTgtVersion2(¶ms.cpos, tgt, blocks, ¶ms.buffer, - ¶ms.bufsize, params.fd, params.stashbase, nullptr); + status = LoadSrcTgtVersion2(¶ms.cpos, tgt, blocks, params.buffer, params.fd, + params.stashbase, nullptr); } else if (params.version >= 3) { status = LoadSrcTgtVersion3(params, tgt, blocks, false, overlap); } @@ -1185,11 +1174,11 @@ static int PerformCommandDiff(CommandParameters& params) { } if (params.cmdname[0] == 'i') { // imgdiff - ApplyImagePatch(params.buffer, blocks * BLOCKSIZE, &patch_value, + ApplyImagePatch(params.buffer.data(), blocks * BLOCKSIZE, &patch_value, &RangeSinkWrite, &rss, nullptr, nullptr); } else { - ApplyBSDiffPatch(params.buffer, blocks * BLOCKSIZE, &patch_value, - 0, &RangeSinkWrite, &rss, nullptr); + ApplyBSDiffPatch(params.buffer.data(), blocks * BLOCKSIZE, &patch_value, 0, + &RangeSinkWrite, &rss, nullptr); } // We expect the output of the patcher to fill the tgt ranges exactly. @@ -1261,10 +1250,10 @@ static int PerformCommandErase(CommandParameters& params) { // Definitions for transfer list command functions typedef int (*CommandFunction)(CommandParameters&); -typedef struct { +struct Command { const char* name; CommandFunction f; -} Command; +}; // CompareCommands and CompareCommandNames are for the hash table @@ -1297,86 +1286,76 @@ static unsigned int HashString(const char *s) { static Value* PerformBlockImageUpdate(const char* name, State* state, int /* argc */, Expr* argv[], const Command* commands, size_t cmdcount, bool dryrun) { - char* line = nullptr; - char* linesave = nullptr; - char* transfer_list = nullptr; CommandParameters params; - const Command* cmd = nullptr; - const ZipEntry* new_entry = nullptr; - const ZipEntry* patch_entry = nullptr; - FILE* cmd_pipe = nullptr; - HashTable* cmdht = nullptr; - int res; - int rc = -1; - int total_blocks = 0; - pthread_attr_t attr; - UpdaterInfo* ui = nullptr; - Value* blockdev_filename = nullptr; - Value* new_data_fn = nullptr; - Value* patch_data_fn = nullptr; - Value* transfer_list_value = nullptr; - ZipArchive* za = nullptr; - memset(¶ms, 0, sizeof(params)); params.canwrite = !dryrun; fprintf(stderr, "performing %s\n", dryrun ? "verification" : "update"); + Value* blockdev_filename = nullptr; + Value* transfer_list_value = nullptr; + Value* new_data_fn = nullptr; + Value* patch_data_fn = nullptr; if (ReadValueArgs(state, argv, 4, &blockdev_filename, &transfer_list_value, &new_data_fn, &patch_data_fn) < 0) { - goto pbiudone; + return StringValue(strdup("")); } + std::unique_ptr blockdev_filename_holder(blockdev_filename, + FreeValue); + std::unique_ptr transfer_list_value_holder(transfer_list_value, + FreeValue); + std::unique_ptr new_data_fn_holder(new_data_fn, FreeValue); + std::unique_ptr patch_data_fn_holder(patch_data_fn, FreeValue); if (blockdev_filename->type != VAL_STRING) { ErrorAbort(state, "blockdev_filename argument to %s must be string", name); - goto pbiudone; + return StringValue(strdup("")); } if (transfer_list_value->type != VAL_BLOB) { ErrorAbort(state, "transfer_list argument to %s must be blob", name); - goto pbiudone; + return StringValue(strdup("")); } if (new_data_fn->type != VAL_STRING) { ErrorAbort(state, "new_data_fn argument to %s must be string", name); - goto pbiudone; + return StringValue(strdup("")); } if (patch_data_fn->type != VAL_STRING) { ErrorAbort(state, "patch_data_fn argument to %s must be string", name); - goto pbiudone; + return StringValue(strdup("")); } - ui = (UpdaterInfo*) state->cookie; + UpdaterInfo* ui = reinterpret_cast(state->cookie); if (ui == nullptr) { - goto pbiudone; + return StringValue(strdup("")); } - cmd_pipe = ui->cmd_pipe; - za = ui->package_zip; + FILE* cmd_pipe = ui->cmd_pipe; + ZipArchive* za = ui->package_zip; if (cmd_pipe == nullptr || za == nullptr) { - goto pbiudone; + return StringValue(strdup("")); } - patch_entry = mzFindZipEntry(za, patch_data_fn->data); - + const ZipEntry* patch_entry = mzFindZipEntry(za, patch_data_fn->data); if (patch_entry == nullptr) { fprintf(stderr, "%s(): no file \"%s\" in package", name, patch_data_fn->data); - goto pbiudone; + return StringValue(strdup("")); } params.patch_start = ui->package_zip_addr + mzGetZipEntryOffset(patch_entry); - new_entry = mzFindZipEntry(za, new_data_fn->data); - + const ZipEntry* new_entry = mzFindZipEntry(za, new_data_fn->data); if (new_entry == nullptr) { fprintf(stderr, "%s(): no file \"%s\" in package", name, new_data_fn->data); - goto pbiudone; + return StringValue(strdup("")); } params.fd = TEMP_FAILURE_RETRY(open(blockdev_filename->data, O_RDWR)); + unique_fd fd_holder(params.fd); if (params.fd == -1) { fprintf(stderr, "open \"%s\" failed: %s\n", blockdev_filename->data, strerror(errno)); - goto pbiudone; + return StringValue(strdup("")); } if (params.canwrite) { @@ -1385,90 +1364,86 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg pthread_mutex_init(¶ms.nti.mu, nullptr); pthread_cond_init(¶ms.nti.cv, nullptr); + pthread_attr_t attr; pthread_attr_init(&attr); pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_JOINABLE); int error = pthread_create(¶ms.thread, &attr, unzip_new_data, ¶ms.nti); if (error != 0) { fprintf(stderr, "pthread_create failed: %s\n", strerror(error)); - goto pbiudone; + return StringValue(strdup("")); } } // The data in transfer_list_value is not necessarily null-terminated, so we need // to copy it to a new buffer and add the null that strtok_r will need. - transfer_list = reinterpret_cast(malloc(transfer_list_value->size + 1)); - - if (transfer_list == nullptr) { - fprintf(stderr, "failed to allocate %zd bytes for transfer list\n", - transfer_list_value->size + 1); - goto pbiudone; - } - - memcpy(transfer_list, transfer_list_value->data, transfer_list_value->size); - transfer_list[transfer_list_value->size] = '\0'; + const std::string transfer_list(transfer_list_value->data, transfer_list_value->size); + std::vector lines = android::base::Split(transfer_list, "\n"); // First line in transfer list is the version number - line = strtok_r(transfer_list, "\n", &linesave); - params.version = strtol(line, nullptr, 0); - - if (params.version < 1 || params.version > 3) { - fprintf(stderr, "unexpected transfer list version [%s]\n", line); - goto pbiudone; + long int val; + errno = 0; + val = strtol(lines[0].c_str(), nullptr, 0); + if (errno != 0 || val < 1 || val > 3) { + fprintf(stderr, "unexpected transfer list version [%s]\n", lines[0].c_str()); + return StringValue(strdup("")); } + params.version = static_cast(val); fprintf(stderr, "blockimg version is %d\n", params.version); // Second line in transfer list is the total number of blocks we expect to write - line = strtok_r(nullptr, "\n", &linesave); - total_blocks = strtol(line, nullptr, 0); + int total_blocks = strtol(lines[1].c_str(), nullptr, 0); if (total_blocks < 0) { - ErrorAbort(state, "unexpected block count [%s]\n", line); - goto pbiudone; + ErrorAbort(state, "unexpected block count [%s]\n", lines[1].c_str()); + return StringValue(strdup("")); } else if (total_blocks == 0) { - rc = 0; - goto pbiudone; + return StringValue(strdup("t")); } + size_t start = 2; if (params.version >= 2) { // Third line is how many stash entries are needed simultaneously - line = strtok_r(nullptr, "\n", &linesave); - fprintf(stderr, "maximum stash entries %s\n", line); + fprintf(stderr, "maximum stash entries %s\n", lines[2].c_str()); // Fourth line is the maximum number of blocks that will be stashed simultaneously - line = strtok_r(nullptr, "\n", &linesave); - int stash_max_blocks = strtol(line, nullptr, 0); + int stash_max_blocks = strtol(lines[3].c_str(), nullptr, 0); if (stash_max_blocks < 0) { - ErrorAbort(state, "unexpected maximum stash blocks [%s]\n", line); - goto pbiudone; + ErrorAbort(state, "unexpected maximum stash blocks [%s]\n", lines[3].c_str()); + return StringValue(strdup("")); } if (stash_max_blocks >= 0) { - res = CreateStash(state, stash_max_blocks, blockdev_filename->data, params.stashbase); + int res = CreateStash(state, stash_max_blocks, blockdev_filename->data, + params.stashbase); if (res == -1) { - goto pbiudone; + return StringValue(strdup("")); } params.createdstash = res; } + + start += 2; } // Build a hash table of the available commands - cmdht = mzHashTableCreate(cmdcount, nullptr); + HashTable* cmdht = mzHashTableCreate(cmdcount, nullptr); + std::unique_ptr cmdht_holder(cmdht, mzHashTableFree); for (size_t i = 0; i < cmdcount; ++i) { unsigned int cmdhash = HashString(commands[i].name); mzHashTableLookup(cmdht, cmdhash, (void*) &commands[i], CompareCommands, true); } - // Subsequent lines are all individual transfer commands - for (line = strtok_r(nullptr, "\n", &linesave); line; - line = strtok_r(nullptr, "\n", &linesave)) { + int rc = -1; - const std::string logcmd(line); + // Subsequent lines are all individual transfer commands + for (auto it = lines.cbegin() + start; it != lines.cend(); it++) { + const std::string& line_str(*it); + char* line = strdup(line_str.c_str()); params.cmdname = strtok_r(line, " ", ¶ms.cpos); if (params.cmdname == nullptr) { @@ -1477,8 +1452,8 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg } unsigned int cmdhash = HashString(params.cmdname); - cmd = (const Command*) mzHashTableLookup(cmdht, cmdhash, params.cmdname, - CompareCommandNames, false); + const Command* cmd = reinterpret_cast(mzHashTableLookup(cmdht, cmdhash, + params.cmdname, CompareCommandNames, false)); if (cmd == nullptr) { fprintf(stderr, "unexpected command [%s]\n", params.cmdname); @@ -1486,7 +1461,7 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg } if (cmd->f != nullptr && cmd->f(params) == -1) { - fprintf(stderr, "failed to execute command [%s]\n", logcmd.c_str()); + fprintf(stderr, "failed to execute command [%s]\n", line_str.c_str()); goto pbiudone; } @@ -1504,7 +1479,7 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg pthread_join(params.thread, nullptr); fprintf(stderr, "wrote %zu blocks; expected %d\n", params.written, total_blocks); - fprintf(stderr, "max alloc needed was %zu\n", params.bufsize); + fprintf(stderr, "max alloc needed was %zu\n", params.buffer.size()); // Delete stash only after successfully completing the update, as it // may contain blocks needed to complete the update later. @@ -1523,34 +1498,6 @@ pbiudone: close(params.fd); } - if (cmdht) { - mzHashTableFree(cmdht); - } - - if (params.buffer) { - free(params.buffer); - } - - if (transfer_list) { - free(transfer_list); - } - - if (blockdev_filename) { - FreeValue(blockdev_filename); - } - - if (transfer_list_value) { - FreeValue(transfer_list_value); - } - - if (new_data_fn) { - FreeValue(new_data_fn); - } - - if (patch_data_fn) { - FreeValue(patch_data_fn); - } - // Only delete the stash if the update cannot be resumed, or it's // a verification run and we created the stash. if (params.isunresumable || (!params.canwrite && params.createdstash)) { @@ -1650,63 +1597,56 @@ Value* BlockImageUpdateFn(const char* name, State* state, int argc, Expr* argv[] Value* RangeSha1Fn(const char* name, State* state, int /* argc */, Expr* argv[]) { Value* blockdev_filename; Value* ranges; - const uint8_t* digest = nullptr; - RangeSet rs; if (ReadValueArgs(state, argv, 2, &blockdev_filename, &ranges) < 0) { - return nullptr; + return StringValue(strdup("")); } + std::unique_ptr ranges_holder(ranges, FreeValue); + std::unique_ptr blockdev_filename_holder(blockdev_filename, + FreeValue); if (blockdev_filename->type != VAL_STRING) { ErrorAbort(state, "blockdev_filename argument to %s must be string", name); - goto done; + return StringValue(strdup("")); } if (ranges->type != VAL_STRING) { ErrorAbort(state, "ranges argument to %s must be string", name); - goto done; + return StringValue(strdup("")); } - int fd; - fd = open(blockdev_filename->data, O_RDWR); + int fd = open(blockdev_filename->data, O_RDWR); + unique_fd fd_holder(fd); if (fd < 0) { ErrorAbort(state, "open \"%s\" failed: %s", blockdev_filename->data, strerror(errno)); - goto done; + return StringValue(strdup("")); } + RangeSet rs; parse_range(ranges->data, rs); - uint8_t buffer[BLOCKSIZE]; SHA_CTX ctx; SHA_init(&ctx); + std::vector buffer(BLOCKSIZE); for (size_t i = 0; i < rs.count; ++i) { if (!check_lseek(fd, (off64_t)rs.pos[i*2] * BLOCKSIZE, SEEK_SET)) { - ErrorAbort(state, "failed to seek %s: %s", blockdev_filename->data, - strerror(errno)); - goto done; + ErrorAbort(state, "failed to seek %s: %s", blockdev_filename->data, strerror(errno)); + return StringValue(strdup("")); } for (size_t j = rs.pos[i*2]; j < rs.pos[i*2+1]; ++j) { if (read_all(fd, buffer, BLOCKSIZE) == -1) { ErrorAbort(state, "failed to read %s: %s", blockdev_filename->data, strerror(errno)); - goto done; + return StringValue(strdup("")); } - SHA_update(&ctx, buffer, BLOCKSIZE); + SHA_update(&ctx, buffer.data(), BLOCKSIZE); } } - digest = SHA_final(&ctx); - close(fd); + const uint8_t* digest = SHA_final(&ctx); - done: - FreeValue(blockdev_filename); - FreeValue(ranges); - if (digest == nullptr) { - return StringValue(strdup("")); - } else { - return StringValue(strdup(print_sha1(digest).c_str())); - } + return StringValue(strdup(print_sha1(digest).c_str())); } void RegisterBlockImageFunctions() { -- cgit v1.2.3 From 1107d9674678b2a37dc7365a5aeaa5407cde7c55 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Wed, 9 Sep 2015 17:16:55 -0700 Subject: updater: Fix the line breaks in ui_print commands. When processing ui_print commands in the updater, it misses a line break when printing to the recovery log. Also clean up uiPrintf() and UIPrintFn() with std::string's. Change-Id: Ie5dbbfbc40b024929887d3c3ccd3a334249a8c9d --- updater/install.cpp | 58 +++++++++++++++++++++++++++++------------------------ 1 file changed, 32 insertions(+), 26 deletions(-) (limited to 'updater') diff --git a/updater/install.cpp b/updater/install.cpp index 422a1bb1e..a6ed078ba 100644 --- a/updater/install.cpp +++ b/updater/install.cpp @@ -34,6 +34,9 @@ #include #include +#include +#include + #include "bootloader.h" #include "applypatch/applypatch.h" #include "cutils/android_reboot.h" @@ -53,28 +56,35 @@ #include "wipe.h" #endif -void uiPrint(State* state, char* buffer) { - char* line = strtok(buffer, "\n"); - UpdaterInfo* ui = (UpdaterInfo*)(state->cookie); - while (line) { - fprintf(ui->cmd_pipe, "ui_print %s\n", line); - line = strtok(NULL, "\n"); +// Send over the buffer to recovery though the command pipe. +static void uiPrint(State* state, const std::string& buffer) { + UpdaterInfo* ui = reinterpret_cast(state->cookie); + + // "line1\nline2\n" will be split into 3 tokens: "line1", "line2" and "". + // So skip sending empty strings to UI. + std::vector lines = android::base::Split(buffer, "\n"); + for (auto& line: lines) { + if (!line.empty()) { + fprintf(ui->cmd_pipe, "ui_print %s\n", line.c_str()); + fprintf(ui->cmd_pipe, "ui_print\n"); + } } - fprintf(ui->cmd_pipe, "ui_print\n"); - // The recovery will only print the contents to screen for pipe command - // ui_print. We need to dump the contents to stderr (which has been - // redirected to the log file) directly. - fprintf(stderr, "%s", buffer); + // On the updater side, we need to dump the contents to stderr (which has + // been redirected to the log file). Because the recovery will only print + // the contents to screen when processing pipe command ui_print. + fprintf(stderr, "%s", buffer.c_str()); } __attribute__((__format__(printf, 2, 3))) __nonnull((2)) void uiPrintf(State* state, const char* format, ...) { - char error_msg[1024]; + std::string error_msg; + va_list ap; va_start(ap, format); - vsnprintf(error_msg, sizeof(error_msg), format, ap); + android::base::StringAppendV(&error_msg, format, ap); va_end(ap); + uiPrint(state, error_msg); } @@ -159,7 +169,7 @@ Value* MountFn(const char* name, State* state, int argc, Expr* argv[]) { const MtdPartition* mtd; mtd = mtd_find_partition_by_name(location); if (mtd == NULL) { - uiPrintf(state, "%s: no mtd partition named \"%s\"", + uiPrintf(state, "%s: no mtd partition named \"%s\"\n", name, location); result = strdup(""); goto done; @@ -1246,28 +1256,24 @@ Value* ApplyPatchCheckFn(const char* name, State* state, return StringValue(strdup(result == 0 ? "t" : "")); } +// This is the updater side handler for ui_print() in edify script. Contents +// will be sent over to the recovery side for on-screen display. Value* UIPrintFn(const char* name, State* state, int argc, Expr* argv[]) { char** args = ReadVarArgs(state, argc, argv); if (args == NULL) { return NULL; } - int size = 0; - int i; - for (i = 0; i < argc; ++i) { - size += strlen(args[i]); - } - char* buffer = reinterpret_cast(malloc(size+1)); - size = 0; - for (i = 0; i < argc; ++i) { - strcpy(buffer+size, args[i]); - size += strlen(args[i]); + std::string buffer; + for (int i = 0; i < argc; ++i) { + buffer += args[i]; free(args[i]); } free(args); - buffer[size] = '\0'; + + buffer += "\n"; uiPrint(state, buffer); - return StringValue(buffer); + return StringValue(strdup(buffer.c_str())); } Value* WipeCacheFn(const char* name, State* state, int argc, Expr* argv[]) { -- cgit v1.2.3 From 5701d5829de3915e9de0f27a64554297ba88c8a4 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Thu, 24 Sep 2015 10:56:48 -0700 Subject: Suppress some compiler warnings due to signedness. Change-Id: I63f28b3b4ba4185c23b972fc8f93517295b1672a --- updater/install.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'updater') diff --git a/updater/install.cpp b/updater/install.cpp index a6ed078ba..68c990241 100644 --- a/updater/install.cpp +++ b/updater/install.cpp @@ -990,7 +990,7 @@ Value* FileGetPropFn(const char* name, State* state, int argc, Expr* argv[]) { goto done; } - if (fread(buffer, 1, st.st_size, f) != st.st_size) { + if (fread(buffer, 1, st.st_size, f) != static_cast(st.st_size)) { ErrorAbort(state, "%s: failed to read %lld bytes from %s", name, (long long)st.st_size+1, filename); fclose(f); -- cgit v1.2.3 From b15fd224edcab95732fbfaa237c7b9cde9c23812 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Thu, 24 Sep 2015 11:10:51 -0700 Subject: updater: Use android::base::ParseInt() to parse integers. Change-Id: Ic769eafc8d9535b1d517d3dcbd398c3fd65cddd9 --- updater/blockimg.cpp | 65 ++++++++++++++++++++-------------------------------- updater/install.cpp | 24 +++++++++---------- 2 files changed, 37 insertions(+), 52 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index 6111d0d1e..ddb474ffd 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -36,6 +36,7 @@ #include #include +#include #include #include "applypatch/applypatch.h" @@ -77,40 +78,31 @@ static void parse_range(const char* range_text, RangeSet& rs) { goto err; } - errno = 0; - val = strtol(pieces[0].c_str(), nullptr, 0); - - if (errno != 0 || val < 2 || val > INT_MAX) { + size_t num; + if (!android::base::ParseUint(pieces[0].c_str(), &num, static_cast(INT_MAX))) { goto err; - } else if (val % 2) { + } + + if (num == 0 || num % 2) { goto err; // must be even - } else if (val != static_cast(pieces.size() - 1)) { + } else if (num != pieces.size() - 1) { goto err; } - size_t num; - num = static_cast(val); - rs.pos.resize(num); rs.count = num / 2; rs.size = 0; for (size_t i = 0; i < num; i += 2) { - const char* token = pieces[i+1].c_str(); - errno = 0; - val = strtol(token, nullptr, 0); - if (errno != 0 || val < 0 || val > INT_MAX) { + if (!android::base::ParseUint(pieces[i+1].c_str(), &rs.pos[i], + static_cast(INT_MAX))) { goto err; } - rs.pos[i] = static_cast(val); - token = pieces[i+2].c_str(); - errno = 0; - val = strtol(token, nullptr, 0); - if (errno != 0 || val < 0 || val > INT_MAX) { + if (!android::base::ParseUint(pieces[i+2].c_str(), &rs.pos[i+1], + static_cast(INT_MAX))) { goto err; } - rs.pos[i+1] = static_cast(val); if (rs.pos[i] >= rs.pos[i+1]) { goto err; // empty or negative range @@ -800,7 +792,7 @@ static int LoadSrcTgtVersion2(char** wordsave, RangeSet& tgt, size_t& src_blocks // word = strtok_r(nullptr, " ", wordsave); - src_blocks = strtol(word, nullptr, 0); + android::base::ParseUint(word, &src_blocks); allocate(src_blocks * BLOCKSIZE, buffer); @@ -1381,24 +1373,21 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg std::vector lines = android::base::Split(transfer_list, "\n"); // First line in transfer list is the version number - long int val; - errno = 0; - val = strtol(lines[0].c_str(), nullptr, 0); - if (errno != 0 || val < 1 || val > 3) { + if (!android::base::ParseInt(lines[0].c_str(), ¶ms.version, 1, 3)) { fprintf(stderr, "unexpected transfer list version [%s]\n", lines[0].c_str()); return StringValue(strdup("")); } - params.version = static_cast(val); fprintf(stderr, "blockimg version is %d\n", params.version); // Second line in transfer list is the total number of blocks we expect to write - int total_blocks = strtol(lines[1].c_str(), nullptr, 0); - - if (total_blocks < 0) { + int total_blocks; + if (!android::base::ParseInt(lines[1].c_str(), &total_blocks, 0)) { ErrorAbort(state, "unexpected block count [%s]\n", lines[1].c_str()); return StringValue(strdup("")); - } else if (total_blocks == 0) { + } + + if (total_blocks == 0) { return StringValue(strdup("t")); } @@ -1408,24 +1397,20 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg fprintf(stderr, "maximum stash entries %s\n", lines[2].c_str()); // Fourth line is the maximum number of blocks that will be stashed simultaneously - int stash_max_blocks = strtol(lines[3].c_str(), nullptr, 0); - - if (stash_max_blocks < 0) { + int stash_max_blocks; + if (!android::base::ParseInt(lines[3].c_str(), &stash_max_blocks, 0)) { ErrorAbort(state, "unexpected maximum stash blocks [%s]\n", lines[3].c_str()); return StringValue(strdup("")); } - if (stash_max_blocks >= 0) { - int res = CreateStash(state, stash_max_blocks, blockdev_filename->data, - params.stashbase); - - if (res == -1) { - return StringValue(strdup("")); - } + int res = CreateStash(state, stash_max_blocks, blockdev_filename->data, params.stashbase); - params.createdstash = res; + if (res == -1) { + return StringValue(strdup("")); } + params.createdstash = res; + start += 2; } diff --git a/updater/install.cpp b/updater/install.cpp index 68c990241..97e390560 100644 --- a/updater/install.cpp +++ b/updater/install.cpp @@ -34,6 +34,7 @@ #include #include +#include #include #include @@ -474,7 +475,8 @@ Value* ShowProgressFn(const char* name, State* state, int argc, Expr* argv[]) { } double frac = strtod(frac_str, NULL); - int sec = strtol(sec_str, NULL, 10); + int sec; + android::base::ParseInt(sec_str, &sec); UpdaterInfo* ui = (UpdaterInfo*)(state->cookie); fprintf(ui->cmd_pipe, "progress %f %d\n", frac, sec); @@ -1145,12 +1147,11 @@ Value* ApplyPatchSpaceFn(const char* name, State* state, return NULL; } - char* endptr; - size_t bytes = strtol(bytes_str, &endptr, 10); - if (bytes == 0 && endptr == bytes_str) { + size_t bytes; + if (!android::base::ParseUint(bytes_str, &bytes)) { ErrorAbort(state, "%s(): can't parse \"%s\" as byte count\n\n", name, bytes_str); free(bytes_str); - return NULL; + return nullptr; } return StringValue(strdup(CacheSizeCheck(bytes) ? "" : "t")); @@ -1174,16 +1175,14 @@ Value* ApplyPatchFn(const char* name, State* state, int argc, Expr* argv[]) { return NULL; } - char* endptr; - size_t target_size = strtol(target_size_str, &endptr, 10); - if (target_size == 0 && endptr == target_size_str) { - ErrorAbort(state, "%s(): can't parse \"%s\" as byte count", - name, target_size_str); + size_t target_size; + if (!android::base::ParseUint(target_size_str, &target_size)) { + ErrorAbort(state, "%s(): can't parse \"%s\" as byte count", name, target_size_str); free(source_filename); free(target_filename); free(target_sha1); free(target_size_str); - return NULL; + return nullptr; } int patchcount = (argc-4) / 2; @@ -1523,7 +1522,8 @@ Value* WipeBlockDeviceFn(const char* name, State* state, int argc, Expr* argv[]) char* len_str; if (ReadArgs(state, argv, 2, &filename, &len_str) < 0) return NULL; - size_t len = strtoull(len_str, NULL, 0); + size_t len; + android::base::ParseUint(len_str, &len); int fd = open(filename, O_WRONLY, 0644); int success = wipe_block_device(fd, len); -- cgit v1.2.3 From 6a47dffde514b2510fac9a6842d0c1b160e42fc5 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Fri, 25 Sep 2015 17:12:28 -0700 Subject: updater: Skip empty lines in the transfer list file. We have the last line being empty as a result of android::base::Split("a\nb\n"), which leads to "missing command" warnings in the update. Just skip all the empty lines. Bug: 24373789 Change-Id: I5827e4600bd5cf0418d95477e4592fec47bbd3a9 --- updater/blockimg.cpp | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index ddb474ffd..54f2b6ed7 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -1428,6 +1428,10 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg // Subsequent lines are all individual transfer commands for (auto it = lines.cbegin() + start; it != lines.cend(); it++) { const std::string& line_str(*it); + if (line_str.empty()) { + continue; + } + char* line = strdup(line_str.c_str()); params.cmdname = strtok_r(line, " ", ¶ms.cpos); -- cgit v1.2.3 From 0a7b47397db3648afe6f3aeb2abb175934c2cbca Mon Sep 17 00:00:00 2001 From: Sami Tolvanen Date: Thu, 25 Jun 2015 10:25:36 +0100 Subject: Error correction: Use libfec in blockimg.cpp for recovery Add block_image_recover function to rewrite corrupted blocks on the partition. This can be attempted if block_image_verify fails. Note that we cannot use libfec during block_image_update as it may overwrite blocks required for error correction. A separate recovery pass in case the image is corrupted is the only viable option. Bug: 21893453 Change-Id: I6ff25648fff68d5f50b41a601c95c509d1cc5bce --- updater/Android.mk | 3 ++- updater/blockimg.cpp | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 78 insertions(+), 1 deletion(-) (limited to 'updater') diff --git a/updater/Android.mk b/updater/Android.mk index 82fa7e265..dcf437474 100644 --- a/updater/Android.mk +++ b/updater/Android.mk @@ -33,12 +33,13 @@ LOCAL_CLANG := true LOCAL_SRC_FILES := $(updater_src_files) +LOCAL_STATIC_LIBRARIES += libfec libfec_rs libext4_utils_static libsquashfs_utils libcrypto_static + ifeq ($(TARGET_USERIMAGES_USE_EXT4), true) LOCAL_CFLAGS += -DUSE_EXT4 LOCAL_CFLAGS += -Wno-unused-parameter LOCAL_C_INCLUDES += system/extras/ext4_utils LOCAL_STATIC_LIBRARIES += \ - libext4_utils_static \ libsparse_static \ libz endif diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index 54f2b6ed7..4a813b1d8 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -31,6 +31,7 @@ #include #include #include +#include #include #include @@ -1638,8 +1639,83 @@ Value* RangeSha1Fn(const char* name, State* state, int /* argc */, Expr* argv[]) return StringValue(strdup(print_sha1(digest).c_str())); } +Value* BlockImageRecoverFn(const char* name, State* state, int argc, Expr* argv[]) { + Value* arg_filename; + Value* arg_ranges; + + if (ReadValueArgs(state, argv, 2, &arg_filename, &arg_ranges) < 0) { + return NULL; + } + + std::unique_ptr filename(arg_filename, FreeValue); + std::unique_ptr ranges(arg_ranges, FreeValue); + + if (filename->type != VAL_STRING) { + ErrorAbort(state, "filename argument to %s must be string", name); + return StringValue(strdup("")); + } + if (ranges->type != VAL_STRING) { + ErrorAbort(state, "ranges argument to %s must be string", name); + return StringValue(strdup("")); + } + + // When opened with O_RDWR, libfec rewrites corrupted blocks when they are read + fec::io fh(filename->data, O_RDWR); + + if (!fh) { + ErrorAbort(state, "fec_open \"%s\" failed: %s", filename->data, strerror(errno)); + return StringValue(strdup("")); + } + + if (!fh.has_ecc() || !fh.has_verity()) { + ErrorAbort(state, "unable to use metadata to correct errors"); + return StringValue(strdup("")); + } + + fec_status status; + + if (!fh.get_status(status)) { + ErrorAbort(state, "failed to read FEC status"); + return StringValue(strdup("")); + } + + RangeSet rs; + parse_range(ranges->data, rs); + + uint8_t buffer[BLOCKSIZE]; + + for (size_t i = 0; i < rs.count; ++i) { + for (size_t j = rs.pos[i * 2]; j < rs.pos[i * 2 + 1]; ++j) { + // Stay within the data area, libfec validates and corrects metadata + if (status.data_size <= (uint64_t)j * BLOCKSIZE) { + continue; + } + + if (fh.pread(buffer, BLOCKSIZE, (off64_t)j * BLOCKSIZE) != BLOCKSIZE) { + ErrorAbort(state, "failed to recover %s (block %d): %s", filename->data, + j, strerror(errno)); + return StringValue(strdup("")); + } + + // If we want to be able to recover from a situation where rewriting a corrected + // block doesn't guarantee the same data will be returned when re-read later, we + // can save a copy of corrected blocks to /cache. Note: + // + // 1. Maximum space required from /cache is the same as the maximum number of + // corrupted blocks we can correct. For RS(255, 253) and a 2 GiB partition, + // this would be ~16 MiB, for example. + // + // 2. To find out if this block was corrupted, call fec_get_status after each + // read and check if the errors field value has increased. + } + } + + return StringValue(strdup("t")); +} + void RegisterBlockImageFunctions() { RegisterFunction("block_image_verify", BlockImageVerifyFn); RegisterFunction("block_image_update", BlockImageUpdateFn); + RegisterFunction("block_image_recover", BlockImageRecoverFn); RegisterFunction("range_sha1", RangeSha1Fn); } -- cgit v1.2.3 From 1fdec8685af858c5ff4f45d2e3059186ab5ed2ab Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Wed, 21 Oct 2015 14:57:44 -0700 Subject: updater: Bump up the BBOTA version to 4. To accommodate new changes in N release, such as error correction [1] and other potential changes to the updater. [1]: commit 0a7b47397db3648afe6f3aeb2abb175934c2cbca Change-Id: I4dd44417d07dd0a31729894628635a0aa1659008 --- updater/blockimg.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index 4a813b1d8..dd6cf0d96 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -1374,7 +1374,7 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg std::vector lines = android::base::Split(transfer_list, "\n"); // First line in transfer list is the version number - if (!android::base::ParseInt(lines[0].c_str(), ¶ms.version, 1, 3)) { + if (!android::base::ParseInt(lines[0].c_str(), ¶ms.version, 1, 4)) { fprintf(stderr, "unexpected transfer list version [%s]\n", lines[0].c_str()); return StringValue(strdup("")); } -- cgit v1.2.3 From 4b166f0e69d46858ff998414da2a01e0266fa339 Mon Sep 17 00:00:00 2001 From: Elliott Hughes Date: Fri, 4 Dec 2015 15:30:20 -0800 Subject: Track rename from base/ to android-base/. Change-Id: I354a8c424d340a9abe21fd716a4ee0d3b177d86f --- updater/blockimg.cpp | 4 ++-- updater/install.cpp | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index dd6cf0d96..a9d8cc68c 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -37,8 +37,8 @@ #include #include -#include -#include +#include +#include #include "applypatch/applypatch.h" #include "edify/expr.h" diff --git a/updater/install.cpp b/updater/install.cpp index 97e390560..e2b3db7ce 100644 --- a/updater/install.cpp +++ b/updater/install.cpp @@ -34,9 +34,9 @@ #include #include -#include -#include -#include +#include +#include +#include #include "bootloader.h" #include "applypatch/applypatch.h" -- cgit v1.2.3 From baad2d454dc07ce916442987a2908a93fe6ae298 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Sun, 6 Dec 2015 16:56:27 -0800 Subject: updater: Replace strtok() with android::base::Split(). Change-Id: I36346fa199a3261da1ae1bc310b3557fe1716d96 --- updater/blockimg.cpp | 277 ++++++++++++++++++++++++++------------------------- 1 file changed, 144 insertions(+), 133 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index a9d8cc68c..50067d479 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -65,16 +65,9 @@ struct RangeSet { std::vector pos; // Actual limit is INT_MAX. }; -static void parse_range(const char* range_text, RangeSet& rs) { - - if (range_text == nullptr) { - fprintf(stderr, "failed to parse range: null range\n"); - exit(1); - } - - std::vector pieces = android::base::Split(std::string(range_text), ","); - long int val; +static void parse_range(const std::string& range_text, RangeSet& rs) { + std::vector pieces = android::base::Split(range_text, ","); if (pieces.size() < 3) { goto err; } @@ -120,7 +113,7 @@ static void parse_range(const char* range_text, RangeSet& rs) { return; err: - fprintf(stderr, "failed to parse range '%s'\n", range_text); + fprintf(stderr, "failed to parse range '%s'\n", range_text.c_str()); exit(1); } @@ -360,25 +353,49 @@ static int WriteBlocks(const RangeSet& tgt, const std::vector& buffer, return 0; } +// Parameters for transfer list command functions +struct CommandParameters { + std::vector tokens; + size_t cpos; + const char* cmdname; + const char* cmdline; + std::string freestash; + std::string stashbase; + bool canwrite; + int createdstash; + int fd; + bool foundwrites; + bool isunresumable; + int version; + size_t written; + NewThreadInfo nti; + pthread_t thread; + std::vector buffer; + uint8_t* patch_start; +}; + // Do a source/target load for move/bsdiff/imgdiff in version 1. -// 'wordsave' is the save_ptr of a strtok_r()-in-progress. We expect -// to parse the remainder of the string as: +// We expect to parse the remainder of the parameter tokens as: // // // // The source range is loaded into the provided buffer, reallocating // it to make it larger if necessary. -static int LoadSrcTgtVersion1(char** wordsave, RangeSet& tgt, size_t& src_blocks, +static int LoadSrcTgtVersion1(CommandParameters& params, RangeSet& tgt, size_t& src_blocks, std::vector& buffer, int fd) { + + if (params.cpos + 1 >= params.tokens.size()) { + fprintf(stderr, "invalid parameters\n"); + return -1; + } + // - char* word = strtok_r(nullptr, " ", wordsave); RangeSet src; - parse_range(word, src); + parse_range(params.tokens[params.cpos++], src); // - word = strtok_r(nullptr, " ", wordsave); - parse_range(word, tgt); + parse_range(params.tokens[params.cpos++], tgt); allocate(src.size * BLOCKSIZE, buffer); int rc = ReadBlocks(src, buffer, fd); @@ -694,18 +711,15 @@ static int CreateStash(State* state, int maxblocks, const char* blockdev, std::s return 0; // Using existing directory } -static int SaveStash(const std::string& base, char** wordsave, std::vector& buffer, - int fd, bool usehash) { - if (!wordsave) { - return -1; - } +static int SaveStash(CommandParameters& params, const std::string& base, + std::vector& buffer, int fd, bool usehash) { - char *id_tok = strtok_r(nullptr, " ", wordsave); - if (id_tok == nullptr) { - fprintf(stderr, "missing id field in stash command\n"); + // + if (params.cpos + 1 >= params.tokens.size()) { + fprintf(stderr, "missing id and/or src range fields in stash command\n"); return -1; } - std::string id(id_tok); + const std::string& id = params.tokens[params.cpos++]; size_t blocks = 0; if (usehash && LoadStash(base, id, true, &blocks, buffer, false) == 0) { @@ -715,9 +729,8 @@ static int SaveStash(const std::string& base, char** wordsave, std::vector& dest, const RangeSet& locs, } // Do a source/target load for move/bsdiff/imgdiff in version 2. -// 'wordsave' is the save_ptr of a strtok_r()-in-progress. We expect -// to parse the remainder of the string as one of: +// We expect to parse the remainder of the parameter tokens as one of: // // // (loads data from source image only) @@ -785,25 +796,35 @@ static void MoveRange(std::vector& dest, const RangeSet& locs, // reallocated if needed to accommodate the source data. *tgt is the // target RangeSet. Any stashes required are loaded using LoadStash. -static int LoadSrcTgtVersion2(char** wordsave, RangeSet& tgt, size_t& src_blocks, +static int LoadSrcTgtVersion2(CommandParameters& params, RangeSet& tgt, size_t& src_blocks, std::vector& buffer, int fd, const std::string& stashbase, bool* overlap) { + + // At least it needs to provide three parameters: , + // and "-"/. + if (params.cpos + 2 >= params.tokens.size()) { + fprintf(stderr, "invalid parameters\n"); + return -1; + } + // - char* word = strtok_r(nullptr, " ", wordsave); - parse_range(word, tgt); + parse_range(params.tokens[params.cpos++], tgt); // - word = strtok_r(nullptr, " ", wordsave); - android::base::ParseUint(word, &src_blocks); + const std::string& token = params.tokens[params.cpos++]; + if (!android::base::ParseUint(token.c_str(), &src_blocks)) { + fprintf(stderr, "invalid src_block_count \"%s\"\n", token.c_str()); + return -1; + } allocate(src_blocks * BLOCKSIZE, buffer); // "-" or [] - word = strtok_r(nullptr, " ", wordsave); - if (word[0] == '-' && word[1] == '\0') { + if (params.tokens[params.cpos] == "-") { // no source ranges, only stashes + params.cpos++; } else { RangeSet src; - parse_range(word, src); + parse_range(params.tokens[params.cpos++], src); int res = ReadBlocks(src, buffer, fd); if (overlap) { @@ -814,39 +835,39 @@ static int LoadSrcTgtVersion2(char** wordsave, RangeSet& tgt, size_t& src_blocks return -1; } - word = strtok_r(nullptr, " ", wordsave); - if (word == nullptr) { + if (params.cpos >= params.tokens.size()) { // no stashes, only source range return 0; } RangeSet locs; - parse_range(word, locs); + parse_range(params.tokens[params.cpos++], locs); MoveRange(buffer, locs, buffer); } - // <[stash_id:stash-range]> - char* colonsave; - while ((word = strtok_r(nullptr, " ", wordsave)) != nullptr) { + // <[stash_id:stash_range]> + while (params.cpos < params.tokens.size()) { // Each word is a an index into the stash table, a colon, and // then a rangeset describing where in the source block that // stashed data should go. - colonsave = nullptr; - char* colon = strtok_r(word, ":", &colonsave); + std::vector tokens = android::base::Split(params.tokens[params.cpos++], ":"); + if (tokens.size() != 2) { + fprintf(stderr, "invalid parameter\n"); + return -1; + } std::vector stash; - int res = LoadStash(stashbase, std::string(colon), false, nullptr, stash, true); + int res = LoadStash(stashbase, tokens[0], false, nullptr, stash, true); if (res == -1) { // These source blocks will fail verification if used later, but we // will let the caller decide if this is a fatal failure - fprintf(stderr, "failed to load stash %s\n", colon); + fprintf(stderr, "failed to load stash %s\n", tokens[0].c_str()); continue; } - colon = strtok_r(nullptr, ":", &colonsave); RangeSet locs; - parse_range(colon, locs); + parse_range(tokens[1], locs); MoveRange(buffer, locs, stash); } @@ -854,25 +875,6 @@ static int LoadSrcTgtVersion2(char** wordsave, RangeSet& tgt, size_t& src_blocks return 0; } -// Parameters for transfer list command functions -struct CommandParameters { - char* cmdname; - char* cpos; - char* freestash; - std::string stashbase; - bool canwrite; - int createdstash; - int fd; - bool foundwrites; - bool isunresumable; - int version; - size_t written; - NewThreadInfo nti; - pthread_t thread; - std::vector buffer; - uint8_t* patch_start; -}; - // Do a source/target load for move/bsdiff/imgdiff in version 3. // // Parameters are the same as for LoadSrcTgtVersion2, except for 'onehash', which @@ -893,26 +895,26 @@ struct CommandParameters { static int LoadSrcTgtVersion3(CommandParameters& params, RangeSet& tgt, size_t& src_blocks, bool onehash, bool& overlap) { - char* srchash = strtok_r(nullptr, " ", ¶ms.cpos); - if (srchash == nullptr) { + if (params.cpos >= params.tokens.size()) { fprintf(stderr, "missing source hash\n"); return -1; } - char* tgthash = nullptr; + std::string srchash = params.tokens[params.cpos++]; + std::string tgthash; + if (onehash) { tgthash = srchash; } else { - tgthash = strtok_r(nullptr, " ", ¶ms.cpos); - - if (tgthash == nullptr) { + if (params.cpos >= params.tokens.size()) { fprintf(stderr, "missing target hash\n"); return -1; } + tgthash = params.tokens[params.cpos++]; } - if (LoadSrcTgtVersion2(¶ms.cpos, tgt, src_blocks, params.buffer, params.fd, - params.stashbase, &overlap) == -1) { + if (LoadSrcTgtVersion2(params, tgt, src_blocks, params.buffer, params.fd, params.stashbase, + &overlap) == -1) { return -1; } @@ -931,7 +933,8 @@ static int LoadSrcTgtVersion3(CommandParameters& params, RangeSet& tgt, size_t& // If source and target blocks overlap, stash the source blocks so we can // resume from possible write errors if (overlap) { - fprintf(stderr, "stashing %zu overlapping blocks to %s\n", src_blocks, srchash); + fprintf(stderr, "stashing %zu overlapping blocks to %s\n", src_blocks, + srchash.c_str()); bool stash_exists = false; if (WriteStash(params.stashbase, srchash, src_blocks, params.buffer, true, @@ -971,9 +974,9 @@ static int PerformCommandMove(CommandParameters& params) { RangeSet tgt; if (params.version == 1) { - status = LoadSrcTgtVersion1(¶ms.cpos, tgt, blocks, params.buffer, params.fd); + status = LoadSrcTgtVersion1(params, tgt, blocks, params.buffer, params.fd); } else if (params.version == 2) { - status = LoadSrcTgtVersion2(¶ms.cpos, tgt, blocks, params.buffer, params.fd, + status = LoadSrcTgtVersion2(params, tgt, blocks, params.buffer, params.fd, params.stashbase, nullptr); } else if (params.version >= 3) { status = LoadSrcTgtVersion3(params, tgt, blocks, true, overlap); @@ -1003,9 +1006,9 @@ static int PerformCommandMove(CommandParameters& params) { } - if (params.freestash) { + if (!params.freestash.empty()) { FreeStash(params.stashbase, params.freestash); - params.freestash = nullptr; + params.freestash.clear(); } params.written += tgt.size; @@ -1014,28 +1017,33 @@ static int PerformCommandMove(CommandParameters& params) { } static int PerformCommandStash(CommandParameters& params) { - return SaveStash(params.stashbase, ¶ms.cpos, params.buffer, params.fd, + return SaveStash(params, params.stashbase, params.buffer, params.fd, (params.version >= 3)); } static int PerformCommandFree(CommandParameters& params) { + // + if (params.cpos >= params.tokens.size()) { + fprintf(stderr, "missing stash id in free command\n"); + return -1; + } + if (params.createdstash || params.canwrite) { - return FreeStash(params.stashbase, params.cpos); + return FreeStash(params.stashbase, params.tokens[params.cpos++]); } return 0; } static int PerformCommandZero(CommandParameters& params) { - char* range = strtok_r(nullptr, " ", ¶ms.cpos); - if (range == nullptr) { + if (params.cpos >= params.tokens.size()) { fprintf(stderr, "missing target blocks for zero\n"); return -1; } RangeSet tgt; - parse_range(range, tgt); + parse_range(params.tokens[params.cpos++], tgt); fprintf(stderr, " zeroing %zu blocks\n", tgt.size); @@ -1066,14 +1074,14 @@ static int PerformCommandZero(CommandParameters& params) { } static int PerformCommandNew(CommandParameters& params) { - char* range = strtok_r(nullptr, " ", ¶ms.cpos); - if (range == nullptr) { + if (params.cpos >= params.tokens.size()) { + fprintf(stderr, "missing target blocks for new\n"); return -1; } RangeSet tgt; - parse_range(range, tgt); + parse_range(params.tokens[params.cpos++], tgt); if (params.canwrite) { fprintf(stderr, " writing %zu blocks of new data\n", tgt.size); @@ -1105,33 +1113,32 @@ static int PerformCommandNew(CommandParameters& params) { static int PerformCommandDiff(CommandParameters& params) { - const std::string logparams(params.cpos); - char* value = strtok_r(nullptr, " ", ¶ms.cpos); - - if (value == nullptr) { - fprintf(stderr, "missing patch offset for %s\n", params.cmdname); + // + if (params.cpos + 1 >= params.tokens.size()) { + fprintf(stderr, "missing patch offset or length for %s\n", params.cmdname); return -1; } - size_t offset = strtoul(value, nullptr, 0); - - value = strtok_r(nullptr, " ", ¶ms.cpos); - - if (value == nullptr) { - fprintf(stderr, "missing patch length for %s\n", params.cmdname); + size_t offset; + if (!android::base::ParseUint(params.tokens[params.cpos++].c_str(), &offset)) { + fprintf(stderr, "invalid patch offset\n"); return -1; } - size_t len = strtoul(value, nullptr, 0); + size_t len; + if (!android::base::ParseUint(params.tokens[params.cpos++].c_str(), &len)) { + fprintf(stderr, "invalid patch offset\n"); + return -1; + } RangeSet tgt; size_t blocks = 0; bool overlap = false; int status = 0; if (params.version == 1) { - status = LoadSrcTgtVersion1(¶ms.cpos, tgt, blocks, params.buffer, params.fd); + status = LoadSrcTgtVersion1(params, tgt, blocks, params.buffer, params.fd); } else if (params.version == 2) { - status = LoadSrcTgtVersion2(¶ms.cpos, tgt, blocks, params.buffer, params.fd, + status = LoadSrcTgtVersion2(params, tgt, blocks, params.buffer, params.fd, params.stashbase, nullptr); } else if (params.version >= 3) { status = LoadSrcTgtVersion3(params, tgt, blocks, false, overlap); @@ -1180,13 +1187,13 @@ static int PerformCommandDiff(CommandParameters& params) { } } else { fprintf(stderr, "skipping %zu blocks already patched to %zu [%s]\n", - blocks, tgt.size, logparams.c_str()); + blocks, tgt.size, params.cmdline); } } - if (params.freestash) { + if (!params.freestash.empty()) { FreeStash(params.stashbase, params.freestash); - params.freestash = nullptr; + params.freestash.clear(); } params.written += tgt.size; @@ -1210,15 +1217,13 @@ static int PerformCommandErase(CommandParameters& params) { return -1; } - char* range = strtok_r(nullptr, " ", ¶ms.cpos); - - if (range == nullptr) { + if (params.cpos >= params.tokens.size()) { fprintf(stderr, "missing target blocks for erase\n"); return -1; } RangeSet tgt; - parse_range(range, tgt); + parse_range(params.tokens[params.cpos++], tgt); if (params.canwrite) { fprintf(stderr, " erasing %zu blocks\n", tgt.size); @@ -1278,7 +1283,6 @@ static unsigned int HashString(const char *s) { static Value* PerformBlockImageUpdate(const char* name, State* state, int /* argc */, Expr* argv[], const Command* commands, size_t cmdcount, bool dryrun) { - CommandParameters params; memset(¶ms, 0, sizeof(params)); params.canwrite = !dryrun; @@ -1368,10 +1372,14 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg } } - // The data in transfer_list_value is not necessarily null-terminated, so we need - // to copy it to a new buffer and add the null that strtok_r will need. + // Copy all the lines in transfer_list_value into std::string for + // processing. const std::string transfer_list(transfer_list_value->data, transfer_list_value->size); std::vector lines = android::base::Split(transfer_list, "\n"); + if (lines.size() < 2) { + ErrorAbort(state, "too few lines in the transfer list [%zd]\n", lines.size()); + return StringValue(strdup("")); + } // First line in transfer list is the version number if (!android::base::ParseInt(lines[0].c_str(), ¶ms.version, 1, 4)) { @@ -1394,6 +1402,11 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg size_t start = 2; if (params.version >= 2) { + if (lines.size() < 4) { + ErrorAbort(state, "too few lines in the transfer list [%zu]\n", lines.size()); + return StringValue(strdup("")); + } + // Third line is how many stash entries are needed simultaneously fprintf(stderr, "maximum stash entries %s\n", lines[2].c_str()); @@ -1405,7 +1418,6 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg } int res = CreateStash(state, stash_max_blocks, blockdev_filename->data, params.stashbase); - if (res == -1) { return StringValue(strdup("")); } @@ -1433,17 +1445,15 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg continue; } - char* line = strdup(line_str.c_str()); - params.cmdname = strtok_r(line, " ", ¶ms.cpos); - - if (params.cmdname == nullptr) { - fprintf(stderr, "missing command [%s]\n", line); - goto pbiudone; - } + params.tokens = android::base::Split(line_str, " "); + params.cpos = 0; + params.cmdname = params.tokens[params.cpos++].c_str(); + params.cmdline = line_str.c_str(); unsigned int cmdhash = HashString(params.cmdname); const Command* cmd = reinterpret_cast(mzHashTableLookup(cmdht, cmdhash, - params.cmdname, CompareCommandNames, false)); + const_cast(params.cmdname), CompareCommandNames, + false)); if (cmd == nullptr) { fprintf(stderr, "unexpected command [%s]\n", params.cmdname); @@ -1481,12 +1491,10 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg rc = 0; pbiudone: - if (params.fd != -1) { - if (fsync(params.fd) == -1) { - fprintf(stderr, "fsync failed: %s\n", strerror(errno)); - } - close(params.fd); + if (fsync(params.fd) == -1) { + fprintf(stderr, "fsync failed: %s\n", strerror(errno)); } + // params.fd will be automatically closed because of the fd_holder above. // Only delete the stash if the update cannot be resumed, or it's // a verification run and we created the stash. @@ -1526,6 +1534,9 @@ pbiudone: // - (version 2+ only) load the given source range and stash // the data in the given slot of the stash table. // +// free +// - (version 3+ only) free the given stash data. +// // The creator of the transfer list will guarantee that no block // is read (ie, used as the source for a patch or move) after it // has been written. @@ -1692,7 +1703,7 @@ Value* BlockImageRecoverFn(const char* name, State* state, int argc, Expr* argv[ } if (fh.pread(buffer, BLOCKSIZE, (off64_t)j * BLOCKSIZE) != BLOCKSIZE) { - ErrorAbort(state, "failed to recover %s (block %d): %s", filename->data, + ErrorAbort(state, "failed to recover %s (block %zu): %s", filename->data, j, strerror(errno)); return StringValue(strdup("")); } -- cgit v1.2.3 From 3b010bc393b773e4efc6f353352459386c80ca8c Mon Sep 17 00:00:00 2001 From: Tianjie Xu Date: Wed, 9 Dec 2015 15:29:45 -0800 Subject: updater: Output msg when recovery is called Output messages in log when recovery is attempted or succeeded during incremental OTA update. Change-Id: I4033df7ae3aaecbc61921d5337eda26f79164fda (cherry picked from commit b686ba211443490111729ba9d82eb0c0b305e185) --- updater/blockimg.cpp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index 50067d479..3b26f057a 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -1670,6 +1670,9 @@ Value* BlockImageRecoverFn(const char* name, State* state, int argc, Expr* argv[ return StringValue(strdup("")); } + // Output notice to log when recover is attempted + fprintf(stderr, "%s image corrupted, attempting to recover...\n", filename->data); + // When opened with O_RDWR, libfec rewrites corrupted blocks when they are read fec::io fh(filename->data, O_RDWR); @@ -1720,7 +1723,7 @@ Value* BlockImageRecoverFn(const char* name, State* state, int argc, Expr* argv[ // read and check if the errors field value has increased. } } - + fprintf(stderr, "...%s image recovered successfully.\n", filename->data); return StringValue(strdup("t")); } -- cgit v1.2.3 From d3cac3443096c105cf1a1985677659105902cbdd Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Mon, 14 Dec 2015 15:53:25 -0800 Subject: updater: Use O_SYNC and fsync() for package_extract_file(). We are already using O_SYNC and fsync() for the recursive case (package_extract_dir()). Make it consistent for the single-file case. Bug: 20625549 Change-Id: I487736fe5a0647dd4a2428845e76bf642e0f0dff --- updater/install.cpp | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) (limited to 'updater') diff --git a/updater/install.cpp b/updater/install.cpp index e2b3db7ce..b09086964 100644 --- a/updater/install.cpp +++ b/updater/install.cpp @@ -555,14 +555,21 @@ Value* PackageExtractFileFn(const char* name, State* state, } { - FILE* f = fopen(dest_path, "wb"); - if (f == NULL) { - printf("%s: can't open %s for write: %s\n", - name, dest_path, strerror(errno)); + int fd = TEMP_FAILURE_RETRY(open(dest_path, O_WRONLY | O_CREAT | O_TRUNC | O_SYNC, + S_IRUSR | S_IWUSR)); + if (fd == -1) { + printf("%s: can't open %s for write: %s\n", name, dest_path, strerror(errno)); goto done2; } - success = mzExtractZipEntryToFile(za, entry, fileno(f)); - fclose(f); + success = mzExtractZipEntryToFile(za, entry, fd); + if (fsync(fd) == -1) { + printf("fsync of \"%s\" failed: %s\n", dest_path, strerror(errno)); + success = false; + } + if (close(fd) == -1) { + printf("close of \"%s\" failed: %s\n", dest_path, strerror(errno)); + success = false; + } } done2: -- cgit v1.2.3 From 30bf4765593e639966df9f460df22c3fe912e7bf Mon Sep 17 00:00:00 2001 From: Tianjie Xu Date: Tue, 15 Dec 2015 11:47:30 -0800 Subject: updater: Add a function to check first block Add and register a function to check if the device has been remounted since last update during incremental OTA. This function reads block 0 and executes before partition recovery for version >= 4. Bug: 21124327 Change-Id: I8b915b9f1d4736b3609daa9d16bd123225be357f --- updater/blockimg.cpp | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++++ updater/install.h | 3 +++ 2 files changed, 58 insertions(+) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index 3b26f057a..c6daf7db5 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -42,6 +42,7 @@ #include "applypatch/applypatch.h" #include "edify/expr.h" +#include "install.h" #include "mincrypt/sha.h" #include "minzip/Hash.h" #include "print_sha1.h" @@ -1650,6 +1651,59 @@ Value* RangeSha1Fn(const char* name, State* state, int /* argc */, Expr* argv[]) return StringValue(strdup(print_sha1(digest).c_str())); } +// This function checks if a device has been remounted R/W prior to an incremental +// OTA update. This is an common cause of update abortion. The function reads the +// 1st block of each partition and check for mounting time/count. It return string "t" +// if executes successfully and an empty string otherwise. + +Value* CheckFirstBlockFn(const char* name, State* state, int argc, Expr* argv[]) { + Value* arg_filename; + + if (ReadValueArgs(state, argv, 1, &arg_filename) < 0) { + return nullptr; + } + std::unique_ptr filename(arg_filename, FreeValue); + + if (filename->type != VAL_STRING) { + ErrorAbort(state, "filename argument to %s must be string", name); + return StringValue(strdup("")); + } + + int fd = open(arg_filename->data, O_RDONLY); + unique_fd fd_holder(fd); + if (fd == -1) { + ErrorAbort(state, "open \"%s\" failed: %s", arg_filename->data, strerror(errno)); + return StringValue(strdup("")); + } + + RangeSet blk0 {1 /*count*/, 1/*size*/, std::vector {0, 1}/*position*/}; + std::vector block0_buffer(BLOCKSIZE); + + if (ReadBlocks(blk0, block0_buffer, fd) == -1) { + ErrorAbort(state, "failed to read %s: %s", arg_filename->data, + strerror(errno)); + return StringValue(strdup("")); + } + + // https://ext4.wiki.kernel.org/index.php/Ext4_Disk_Layout + // Super block starts from block 0, offset 0x400 + // 0x2C: len32 Mount time + // 0x30: len32 Write time + // 0x34: len16 Number of mounts since the last fsck + // 0x38: len16 Magic signature 0xEF53 + + time_t mount_time = *reinterpret_cast(&block0_buffer[0x400+0x2C]); + uint16_t mount_count = *reinterpret_cast(&block0_buffer[0x400+0x34]); + + if (mount_count > 0) { + uiPrintf(state, "Device was remounted R/W %d times\n", mount_count); + uiPrintf(state, "Last remount happened on %s", ctime(&mount_time)); + } + + return StringValue(strdup("t")); +} + + Value* BlockImageRecoverFn(const char* name, State* state, int argc, Expr* argv[]) { Value* arg_filename; Value* arg_ranges; @@ -1731,5 +1785,6 @@ void RegisterBlockImageFunctions() { RegisterFunction("block_image_verify", BlockImageVerifyFn); RegisterFunction("block_image_update", BlockImageUpdateFn); RegisterFunction("block_image_recover", BlockImageRecoverFn); + RegisterFunction("check_first_block", CheckFirstBlockFn); RegisterFunction("range_sha1", RangeSha1Fn); } diff --git a/updater/install.h b/updater/install.h index 659c8b41c..70e343404 100644 --- a/updater/install.h +++ b/updater/install.h @@ -19,6 +19,9 @@ void RegisterInstallFunctions(); +// uiPrintf function prints msg to screen as well as logs +void uiPrintf(State* state, const char* format, ...); + static int make_parents(char* name); #endif -- cgit v1.2.3 From f1fc48c6e62cfee42d25ad12f443e22d50c15d0b Mon Sep 17 00:00:00 2001 From: Jed Estep Date: Tue, 15 Dec 2015 16:04:53 -0800 Subject: IO fault injection for OTA packages Bug: 25951086 Change-Id: I31c74c735eb7a975b7f41fe2b2eff042e5699c0c --- updater/Android.mk | 2 +- updater/blockimg.cpp | 13 +++++++------ updater/install.cpp | 25 +++++++++++++------------ 3 files changed, 21 insertions(+), 19 deletions(-) (limited to 'updater') diff --git a/updater/Android.mk b/updater/Android.mk index dcf437474..d74dffc0c 100644 --- a/updater/Android.mk +++ b/updater/Android.mk @@ -45,7 +45,7 @@ LOCAL_STATIC_LIBRARIES += \ endif LOCAL_STATIC_LIBRARIES += $(TARGET_RECOVERY_UPDATER_LIBS) $(TARGET_RECOVERY_UPDATER_EXTRA_LIBS) -LOCAL_STATIC_LIBRARIES += libapplypatch libbase libedify libmtdutils libminzip libz +LOCAL_STATIC_LIBRARIES += libapplypatch libbase libotafault libedify libmtdutils libminzip libz LOCAL_STATIC_LIBRARIES += libmincrypt libbz LOCAL_STATIC_LIBRARIES += libcutils liblog libc LOCAL_STATIC_LIBRARIES += libselinux diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index 3b26f057a..86be47603 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -44,6 +44,7 @@ #include "edify/expr.h" #include "mincrypt/sha.h" #include "minzip/Hash.h" +#include "otafault/ota_io.h" #include "print_sha1.h" #include "unique_fd.h" #include "updater.h" @@ -138,7 +139,7 @@ static bool range_overlaps(const RangeSet& r1, const RangeSet& r2) { static int read_all(int fd, uint8_t* data, size_t size) { size_t so_far = 0; while (so_far < size) { - ssize_t r = TEMP_FAILURE_RETRY(read(fd, data+so_far, size-so_far)); + ssize_t r = TEMP_FAILURE_RETRY(ota_read(fd, data+so_far, size-so_far)); if (r == -1) { fprintf(stderr, "read failed: %s\n", strerror(errno)); return -1; @@ -155,7 +156,7 @@ static int read_all(int fd, std::vector& buffer, size_t size) { static int write_all(int fd, const uint8_t* data, size_t size) { size_t written = 0; while (written < size) { - ssize_t w = TEMP_FAILURE_RETRY(write(fd, data+written, size-written)); + ssize_t w = TEMP_FAILURE_RETRY(ota_write(fd, data+written, size-written)); if (w == -1) { fprintf(stderr, "write failed: %s\n", strerror(errno)); return -1; @@ -621,7 +622,7 @@ static int WriteStash(const std::string& base, const std::string& id, int blocks return -1; } - if (fsync(fd) == -1) { + if (ota_fsync(fd) == -1) { fprintf(stderr, "fsync \"%s\" failed: %s\n", fn.c_str(), strerror(errno)); return -1; } @@ -641,7 +642,7 @@ static int WriteStash(const std::string& base, const std::string& id, int blocks return -1; } - if (fsync(dfd) == -1) { + if (ota_fsync(dfd) == -1) { fprintf(stderr, "fsync \"%s\" failed: %s\n", dname.c_str(), strerror(errno)); return -1; } @@ -1466,7 +1467,7 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg } if (params.canwrite) { - if (fsync(params.fd) == -1) { + if (ota_fsync(params.fd) == -1) { fprintf(stderr, "fsync failed: %s\n", strerror(errno)); goto pbiudone; } @@ -1491,7 +1492,7 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg rc = 0; pbiudone: - if (fsync(params.fd) == -1) { + if (ota_fsync(params.fd) == -1) { fprintf(stderr, "fsync failed: %s\n", strerror(errno)); } // params.fd will be automatically closed because of the fd_holder above. diff --git a/updater/install.cpp b/updater/install.cpp index b09086964..be9735595 100644 --- a/updater/install.cpp +++ b/updater/install.cpp @@ -48,6 +48,7 @@ #include "minzip/DirUtil.h" #include "mtdutils/mounts.h" #include "mtdutils/mtdutils.h" +#include "otafault/ota_io.h" #include "updater.h" #include "install.h" #include "tune2fs.h" @@ -555,18 +556,18 @@ Value* PackageExtractFileFn(const char* name, State* state, } { - int fd = TEMP_FAILURE_RETRY(open(dest_path, O_WRONLY | O_CREAT | O_TRUNC | O_SYNC, + int fd = TEMP_FAILURE_RETRY(ota_open(dest_path, O_WRONLY | O_CREAT | O_TRUNC | O_SYNC, S_IRUSR | S_IWUSR)); if (fd == -1) { printf("%s: can't open %s for write: %s\n", name, dest_path, strerror(errno)); goto done2; } success = mzExtractZipEntryToFile(za, entry, fd); - if (fsync(fd) == -1) { + if (ota_fsync(fd) == -1) { printf("fsync of \"%s\" failed: %s\n", dest_path, strerror(errno)); success = false; } - if (close(fd) == -1) { + if (ota_close(fd) == -1) { printf("close of \"%s\" failed: %s\n", dest_path, strerror(errno)); success = false; } @@ -999,7 +1000,7 @@ Value* FileGetPropFn(const char* name, State* state, int argc, Expr* argv[]) { goto done; } - if (fread(buffer, 1, st.st_size, f) != static_cast(st.st_size)) { + if (ota_fread(buffer, 1, st.st_size, f) != static_cast(st.st_size)) { ErrorAbort(state, "%s: failed to read %lld bytes from %s", name, (long long)st.st_size+1, filename); fclose(f); @@ -1102,7 +1103,7 @@ Value* WriteRawImageFn(const char* name, State* state, int argc, Expr* argv[]) { if (contents->type == VAL_STRING) { // we're given a filename as the contents char* filename = contents->data; - FILE* f = fopen(filename, "rb"); + FILE* f = ota_fopen(filename, "rb"); if (f == NULL) { printf("%s: can't open %s: %s\n", name, filename, strerror(errno)); result = strdup(""); @@ -1112,12 +1113,12 @@ Value* WriteRawImageFn(const char* name, State* state, int argc, Expr* argv[]) { success = true; char* buffer = reinterpret_cast(malloc(BUFSIZ)); int read; - while (success && (read = fread(buffer, 1, BUFSIZ, f)) > 0) { + while (success && (read = ota_fread(buffer, 1, BUFSIZ, f)) > 0) { int wrote = mtd_write_data(ctx, buffer, read); success = success && (wrote == read); } free(buffer); - fclose(f); + ota_fclose(f); } else { // we're given a blob as the contents ssize_t wrote = mtd_write_data(ctx, contents->data, contents->size); @@ -1445,7 +1446,7 @@ Value* RebootNowFn(const char* name, State* state, int argc, Expr* argv[]) { memset(buffer, 0, sizeof(((struct bootloader_message*)0)->command)); FILE* f = fopen(filename, "r+b"); fseek(f, offsetof(struct bootloader_message, command), SEEK_SET); - fwrite(buffer, sizeof(((struct bootloader_message*)0)->command), 1, f); + ota_fwrite(buffer, sizeof(((struct bootloader_message*)0)->command), 1, f); fclose(f); free(filename); @@ -1493,7 +1494,7 @@ Value* SetStageFn(const char* name, State* state, int argc, Expr* argv[]) { to_write = max_size; stagestr[max_size-1] = 0; } - fwrite(stagestr, to_write, 1, f); + ota_fwrite(stagestr, to_write, 1, f); fclose(f); free(stagestr); @@ -1513,7 +1514,7 @@ Value* GetStageFn(const char* name, State* state, int argc, Expr* argv[]) { char buffer[sizeof(((struct bootloader_message*)0)->stage)]; FILE* f = fopen(filename, "rb"); fseek(f, offsetof(struct bootloader_message, stage), SEEK_SET); - fread(buffer, sizeof(buffer), 1, f); + ota_fread(buffer, sizeof(buffer), 1, f); fclose(f); buffer[sizeof(buffer)-1] = '\0'; @@ -1531,13 +1532,13 @@ Value* WipeBlockDeviceFn(const char* name, State* state, int argc, Expr* argv[]) size_t len; android::base::ParseUint(len_str, &len); - int fd = open(filename, O_WRONLY, 0644); + int fd = ota_open(filename, O_WRONLY, 0644); int success = wipe_block_device(fd, len); free(filename); free(len_str); - close(fd); + ota_close(fd); return StringValue(strdup(success ? "t" : "")); } -- cgit v1.2.3 From 57bed6d8c9beace01b743580d6c878b0724d2f90 Mon Sep 17 00:00:00 2001 From: Tianjie Xu Date: Tue, 15 Dec 2015 11:47:30 -0800 Subject: updater: Add a function to check first block Add and register a function to check if the device has been remounted since last update during incremental OTA. This function reads block 0 and executes before partition recovery for version >= 4. Bug: 21124327 Change-Id: I8b915b9f1d4736b3609daa9d16bd123225be357f (cherry picked from commit 30bf4765593e639966df9f460df22c3fe912e7bf) --- updater/blockimg.cpp | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++++ updater/install.h | 3 +++ 2 files changed, 58 insertions(+) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index 3b26f057a..c6daf7db5 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -42,6 +42,7 @@ #include "applypatch/applypatch.h" #include "edify/expr.h" +#include "install.h" #include "mincrypt/sha.h" #include "minzip/Hash.h" #include "print_sha1.h" @@ -1650,6 +1651,59 @@ Value* RangeSha1Fn(const char* name, State* state, int /* argc */, Expr* argv[]) return StringValue(strdup(print_sha1(digest).c_str())); } +// This function checks if a device has been remounted R/W prior to an incremental +// OTA update. This is an common cause of update abortion. The function reads the +// 1st block of each partition and check for mounting time/count. It return string "t" +// if executes successfully and an empty string otherwise. + +Value* CheckFirstBlockFn(const char* name, State* state, int argc, Expr* argv[]) { + Value* arg_filename; + + if (ReadValueArgs(state, argv, 1, &arg_filename) < 0) { + return nullptr; + } + std::unique_ptr filename(arg_filename, FreeValue); + + if (filename->type != VAL_STRING) { + ErrorAbort(state, "filename argument to %s must be string", name); + return StringValue(strdup("")); + } + + int fd = open(arg_filename->data, O_RDONLY); + unique_fd fd_holder(fd); + if (fd == -1) { + ErrorAbort(state, "open \"%s\" failed: %s", arg_filename->data, strerror(errno)); + return StringValue(strdup("")); + } + + RangeSet blk0 {1 /*count*/, 1/*size*/, std::vector {0, 1}/*position*/}; + std::vector block0_buffer(BLOCKSIZE); + + if (ReadBlocks(blk0, block0_buffer, fd) == -1) { + ErrorAbort(state, "failed to read %s: %s", arg_filename->data, + strerror(errno)); + return StringValue(strdup("")); + } + + // https://ext4.wiki.kernel.org/index.php/Ext4_Disk_Layout + // Super block starts from block 0, offset 0x400 + // 0x2C: len32 Mount time + // 0x30: len32 Write time + // 0x34: len16 Number of mounts since the last fsck + // 0x38: len16 Magic signature 0xEF53 + + time_t mount_time = *reinterpret_cast(&block0_buffer[0x400+0x2C]); + uint16_t mount_count = *reinterpret_cast(&block0_buffer[0x400+0x34]); + + if (mount_count > 0) { + uiPrintf(state, "Device was remounted R/W %d times\n", mount_count); + uiPrintf(state, "Last remount happened on %s", ctime(&mount_time)); + } + + return StringValue(strdup("t")); +} + + Value* BlockImageRecoverFn(const char* name, State* state, int argc, Expr* argv[]) { Value* arg_filename; Value* arg_ranges; @@ -1731,5 +1785,6 @@ void RegisterBlockImageFunctions() { RegisterFunction("block_image_verify", BlockImageVerifyFn); RegisterFunction("block_image_update", BlockImageUpdateFn); RegisterFunction("block_image_recover", BlockImageRecoverFn); + RegisterFunction("check_first_block", CheckFirstBlockFn); RegisterFunction("range_sha1", RangeSha1Fn); } diff --git a/updater/install.h b/updater/install.h index 659c8b41c..70e343404 100644 --- a/updater/install.h +++ b/updater/install.h @@ -19,6 +19,9 @@ void RegisterInstallFunctions(); +// uiPrintf function prints msg to screen as well as logs +void uiPrintf(State* state, const char* format, ...); + static int make_parents(char* name); #endif -- cgit v1.2.3 From c48cb5e5972bbeb1cacbe37b80a3e9f8003b54b7 Mon Sep 17 00:00:00 2001 From: Sen Jiang Date: Thu, 4 Feb 2016 16:23:21 +0800 Subject: Switch from mincrypt to BoringSSL in applypatch and updater. Bug: 18790686 Change-Id: I7d2136fb39b2266f5ae5be24819c617b08a6c21e --- updater/Android.mk | 2 +- updater/blockimg.cpp | 19 +++++++++---------- updater/install.cpp | 14 +++++++------- 3 files changed, 17 insertions(+), 18 deletions(-) (limited to 'updater') diff --git a/updater/Android.mk b/updater/Android.mk index dcf437474..6fdd30895 100644 --- a/updater/Android.mk +++ b/updater/Android.mk @@ -46,7 +46,7 @@ endif LOCAL_STATIC_LIBRARIES += $(TARGET_RECOVERY_UPDATER_LIBS) $(TARGET_RECOVERY_UPDATER_EXTRA_LIBS) LOCAL_STATIC_LIBRARIES += libapplypatch libbase libedify libmtdutils libminzip libz -LOCAL_STATIC_LIBRARIES += libmincrypt libbz +LOCAL_STATIC_LIBRARIES += libbz LOCAL_STATIC_LIBRARIES += libcutils liblog libc LOCAL_STATIC_LIBRARIES += libselinux tune2fs_static_libraries := \ diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index c6daf7db5..6e056006c 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -43,7 +43,7 @@ #include "applypatch/applypatch.h" #include "edify/expr.h" #include "install.h" -#include "mincrypt/sha.h" +#include "openssl/sha.h" #include "minzip/Hash.h" #include "print_sha1.h" #include "unique_fd.h" @@ -407,10 +407,10 @@ static int LoadSrcTgtVersion1(CommandParameters& params, RangeSet& tgt, size_t& static int VerifyBlocks(const std::string& expected, const std::vector& buffer, const size_t blocks, bool printerror) { - uint8_t digest[SHA_DIGEST_SIZE]; + uint8_t digest[SHA_DIGEST_LENGTH]; const uint8_t* data = buffer.data(); - SHA_hash(data, blocks * BLOCKSIZE, digest); + SHA1(data, blocks * BLOCKSIZE, digest); std::string hexdigest = print_sha1(digest); @@ -662,10 +662,8 @@ static int CreateStash(State* state, int maxblocks, const char* blockdev, std::s // Stash directory should be different for each partition to avoid conflicts // when updating multiple partitions at the same time, so we use the hash of // the block device name as the base directory - SHA_CTX ctx; - SHA_init(&ctx); - SHA_update(&ctx, blockdev, strlen(blockdev)); - const uint8_t* digest = SHA_final(&ctx); + uint8_t digest[SHA_DIGEST_LENGTH]; + SHA1(reinterpret_cast(blockdev), strlen(blockdev), digest); base = print_sha1(digest); std::string dirname = GetStashFileName(base, "", ""); @@ -1627,7 +1625,7 @@ Value* RangeSha1Fn(const char* name, State* state, int /* argc */, Expr* argv[]) parse_range(ranges->data, rs); SHA_CTX ctx; - SHA_init(&ctx); + SHA1_Init(&ctx); std::vector buffer(BLOCKSIZE); for (size_t i = 0; i < rs.count; ++i) { @@ -1643,10 +1641,11 @@ Value* RangeSha1Fn(const char* name, State* state, int /* argc */, Expr* argv[]) return StringValue(strdup("")); } - SHA_update(&ctx, buffer.data(), BLOCKSIZE); + SHA1_Update(&ctx, buffer.data(), BLOCKSIZE); } } - const uint8_t* digest = SHA_final(&ctx); + uint8_t digest[SHA_DIGEST_LENGTH]; + SHA1_Final(digest, &ctx); return StringValue(strdup(print_sha1(digest).c_str())); } diff --git a/updater/install.cpp b/updater/install.cpp index b09086964..5326b12a8 100644 --- a/updater/install.cpp +++ b/updater/install.cpp @@ -44,7 +44,7 @@ #include "cutils/misc.h" #include "cutils/properties.h" #include "edify/expr.h" -#include "mincrypt/sha.h" +#include "openssl/sha.h" #include "minzip/DirUtil.h" #include "mtdutils/mounts.h" #include "mtdutils/mtdutils.h" @@ -91,10 +91,10 @@ void uiPrintf(State* state, const char* format, ...) { // Take a sha-1 digest and return it as a newly-allocated hex string. char* PrintSha1(const uint8_t* digest) { - char* buffer = reinterpret_cast(malloc(SHA_DIGEST_SIZE*2 + 1)); + char* buffer = reinterpret_cast(malloc(SHA_DIGEST_LENGTH*2 + 1)); const char* alphabet = "0123456789abcdef"; size_t i; - for (i = 0; i < SHA_DIGEST_SIZE; ++i) { + for (i = 0; i < SHA_DIGEST_LENGTH; ++i) { buffer[i*2] = alphabet[(digest[i] >> 4) & 0xf]; buffer[i*2+1] = alphabet[digest[i] & 0xf]; } @@ -1357,8 +1357,8 @@ Value* Sha1CheckFn(const char* name, State* state, int argc, Expr* argv[]) { if (args[0]->size < 0) { return StringValue(strdup("")); } - uint8_t digest[SHA_DIGEST_SIZE]; - SHA_hash(args[0]->data, args[0]->size, digest); + uint8_t digest[SHA_DIGEST_LENGTH]; + SHA1(reinterpret_cast(args[0]->data), args[0]->size, digest); FreeValue(args[0]); if (argc == 1) { @@ -1366,7 +1366,7 @@ Value* Sha1CheckFn(const char* name, State* state, int argc, Expr* argv[]) { } int i; - uint8_t* arg_digest = reinterpret_cast(malloc(SHA_DIGEST_SIZE)); + uint8_t* arg_digest = reinterpret_cast(malloc(SHA_DIGEST_LENGTH)); for (i = 1; i < argc; ++i) { if (args[i]->type != VAL_STRING) { printf("%s(): arg %d is not a string; skipping", @@ -1375,7 +1375,7 @@ Value* Sha1CheckFn(const char* name, State* state, int argc, Expr* argv[]) { // Warn about bad args and skip them. printf("%s(): error parsing \"%s\" as sha-1; skipping", name, args[i]->data); - } else if (memcmp(digest, arg_digest, SHA_DIGEST_SIZE) == 0) { + } else if (memcmp(digest, arg_digest, SHA_DIGEST_LENGTH) == 0) { break; } FreeValue(args[i]); -- cgit v1.2.3 From 64be2135d8f4df070c65c1e89753e888822bb5e3 Mon Sep 17 00:00:00 2001 From: Yabin Cui Date: Wed, 3 Feb 2016 18:16:02 -0800 Subject: updater: fix memory leak based on static analysis. Bug: 26907377 Change-Id: I384c0131322b2d12f0ef489735e70e86819846a4 --- updater/install.cpp | 83 +++++++++++++++++++++++++---------------------------- 1 file changed, 39 insertions(+), 44 deletions(-) (limited to 'updater') diff --git a/updater/install.cpp b/updater/install.cpp index 5326b12a8..45bbf2bc1 100644 --- a/updater/install.cpp +++ b/updater/install.cpp @@ -34,6 +34,9 @@ #include #include +#include +#include + #include #include #include @@ -439,8 +442,7 @@ Value* DeleteFn(const char* name, State* state, int argc, Expr* argv[]) { for (int i = 0; i < argc; ++i) { paths[i] = Evaluate(state, argv[i]); if (paths[i] == NULL) { - int j; - for (j = 0; j < i; ++i) { + for (int j = 0; j < i; ++j) { free(paths[j]); } free(paths); @@ -581,13 +583,13 @@ Value* PackageExtractFileFn(const char* name, State* state, // as the result. char* zip_path; + if (ReadArgs(state, argv, 1, &zip_path) < 0) return NULL; + Value* v = reinterpret_cast(malloc(sizeof(Value))); v->type = VAL_BLOB; v->size = -1; v->data = NULL; - if (ReadArgs(state, argv, 1, &zip_path) < 0) return NULL; - ZipArchive* za = ((UpdaterInfo*)(state->cookie))->package_zip; const ZipEntry* entry = mzFindZipEntry(za, zip_path); if (entry == NULL) { @@ -1193,44 +1195,40 @@ Value* ApplyPatchFn(const char* name, State* state, int argc, Expr* argv[]) { } int patchcount = (argc-4) / 2; - Value** patches = ReadValueVarArgs(state, argc-4, argv+4); + std::unique_ptr arg_values(ReadValueVarArgs(state, argc-4, argv+4), + free); + if (!arg_values) { + return nullptr; + } + std::vector> patch_shas; + std::vector> patches; + // Protect values by unique_ptrs first to get rid of memory leak. + for (int i = 0; i < patchcount * 2; i += 2) { + patch_shas.emplace_back(arg_values.get()[i], FreeValue); + patches.emplace_back(arg_values.get()[i+1], FreeValue); + } - int i; - for (i = 0; i < patchcount; ++i) { - if (patches[i*2]->type != VAL_STRING) { + for (int i = 0; i < patchcount; ++i) { + if (patch_shas[i]->type != VAL_STRING) { ErrorAbort(state, "%s(): sha-1 #%d is not string", name, i); - break; + return nullptr; } - if (patches[i*2+1]->type != VAL_BLOB) { + if (patches[i]->type != VAL_BLOB) { ErrorAbort(state, "%s(): patch #%d is not blob", name, i); - break; + return nullptr; } } - if (i != patchcount) { - for (i = 0; i < patchcount*2; ++i) { - FreeValue(patches[i]); - } - free(patches); - return NULL; - } - char** patch_sha_str = reinterpret_cast(malloc(patchcount * sizeof(char*))); - for (i = 0; i < patchcount; ++i) { - patch_sha_str[i] = patches[i*2]->data; - patches[i*2]->data = NULL; - FreeValue(patches[i*2]); - patches[i] = patches[i*2+1]; + std::vector patch_sha_str; + std::vector patch_ptrs; + for (int i = 0; i < patchcount; ++i) { + patch_sha_str.push_back(patch_shas[i]->data); + patch_ptrs.push_back(patches[i].get()); } int result = applypatch(source_filename, target_filename, target_sha1, target_size, - patchcount, patch_sha_str, patches, NULL); - - for (i = 0; i < patchcount; ++i) { - FreeValue(patches[i]); - } - free(patch_sha_str); - free(patches); + patchcount, patch_sha_str.data(), patch_ptrs.data(), NULL); return StringValue(strdup(result == 0 ? "t" : "")); } @@ -1349,9 +1347,13 @@ Value* Sha1CheckFn(const char* name, State* state, int argc, Expr* argv[]) { return ErrorAbort(state, "%s() expects at least 1 arg", name); } - Value** args = ReadValueVarArgs(state, argc, argv); - if (args == NULL) { - return NULL; + std::unique_ptr arg_values(ReadValueVarArgs(state, argc, argv), free); + if (arg_values == nullptr) { + return nullptr; + } + std::vector> args; + for (int i = 0; i < argc; ++i) { + args.emplace_back(arg_values.get()[i], FreeValue); } if (args[0]->size < 0) { @@ -1359,14 +1361,13 @@ Value* Sha1CheckFn(const char* name, State* state, int argc, Expr* argv[]) { } uint8_t digest[SHA_DIGEST_LENGTH]; SHA1(reinterpret_cast(args[0]->data), args[0]->size, digest); - FreeValue(args[0]); if (argc == 1) { return StringValue(PrintSha1(digest)); } int i; - uint8_t* arg_digest = reinterpret_cast(malloc(SHA_DIGEST_LENGTH)); + uint8_t arg_digest[SHA_DIGEST_LENGTH]; for (i = 1; i < argc; ++i) { if (args[i]->type != VAL_STRING) { printf("%s(): arg %d is not a string; skipping", @@ -1378,19 +1379,13 @@ Value* Sha1CheckFn(const char* name, State* state, int argc, Expr* argv[]) { } else if (memcmp(digest, arg_digest, SHA_DIGEST_LENGTH) == 0) { break; } - FreeValue(args[i]); } if (i >= argc) { // Didn't match any of the hex strings; return false. return StringValue(strdup("")); } - // Found a match; free all the remaining arguments and return the - // matched one. - int j; - for (j = i+1; j < argc; ++j) { - FreeValue(args[j]); - } - return args[i]; + // Found a match. + return args[i].release(); } // Read a local file and return its contents (the Value* returned -- cgit v1.2.3 From fa12b9737dd4ab36c3b4abaf25eb79f692e6eba6 Mon Sep 17 00:00:00 2001 From: Tianjie Xu Date: Fri, 5 Feb 2016 18:25:58 -0800 Subject: Reboot and retry on I/O errors When I/O error happens, reboot and retry installation two times before we abort this OTA update. Bug: 25633753 Change-Id: Iba6d4203a343a725aa625a41d237606980d62f69 (cherry picked from commit 3c62b67faf8a25f1dd1c44dc19759c3997fdfd36) --- updater/updater.cpp | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'updater') diff --git a/updater/updater.cpp b/updater/updater.cpp index 0f22e6d04..ddc01e125 100644 --- a/updater/updater.cpp +++ b/updater/updater.cpp @@ -35,6 +35,8 @@ // (Note it's "updateR-script", not the older "update-script".) #define SCRIPT_NAME "META-INF/com/google/android/updater-script" +extern bool have_eio_error; + struct selabel_handle *sehandle; int main(int argc, char** argv) { @@ -139,6 +141,11 @@ int main(int argc, char** argv) { state.errmsg = NULL; char* result = Evaluate(&state, root); + + if (have_eio_error) { + fprintf(cmd_pipe, "retry_update\n"); + } + if (result == NULL) { if (state.errmsg == NULL) { printf("script aborted (no error message)\n"); -- cgit v1.2.3 From 1c522df25f9524eaa0273538b3de0b9ad1b8fcea Mon Sep 17 00:00:00 2001 From: Yabin Cui Date: Wed, 10 Feb 2016 16:41:10 -0800 Subject: applypatch: use vector to store data in FileContents. Cherry pick this patch because it fixes the problem that a newed Value is released by free(). Bug: 26906416 Change-Id: Ib53b445cd415a1ed5e95733fbc4073f9ef4dbc43 (cherry picked from commit d6c93afcc28cc65217ba65eeb646009c4f15a2ad) --- updater/install.cpp | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) (limited to 'updater') diff --git a/updater/install.cpp b/updater/install.cpp index a2efc0b97..b7d9e85a2 100644 --- a/updater/install.cpp +++ b/updater/install.cpp @@ -1398,21 +1398,22 @@ Value* ReadFileFn(const char* name, State* state, int argc, Expr* argv[]) { char* filename; if (ReadArgs(state, argv, 1, &filename) < 0) return NULL; - Value* v = reinterpret_cast(malloc(sizeof(Value))); + Value* v = static_cast(malloc(sizeof(Value))); + if (v == nullptr) { + return nullptr; + } v->type = VAL_BLOB; + v->size = -1; + v->data = nullptr; FileContents fc; if (LoadFileContents(filename, &fc) != 0) { - free(filename); - v->size = -1; - v->data = NULL; - free(fc.data); - return v; + v->data = static_cast(malloc(fc.data.size())); + if (v->data != nullptr) { + memcpy(v->data, fc.data.data(), fc.data.size()); + v->size = fc.data.size(); + } } - - v->size = fc.size; - v->data = (char*)fc.data; - free(filename); return v; } -- cgit v1.2.3 From f73abf36bcfd433a3fdd1664a77e8e531346c1b1 Mon Sep 17 00:00:00 2001 From: Jed Estep Date: Tue, 15 Dec 2015 16:04:53 -0800 Subject: DO NOT MERGE Control fault injection with config files instead of build flags Bug: 26570379 Change-Id: I76109d09276d6e3ed3a32b6fedafb2582f545c0c --- updater/blockimg.cpp | 2 +- updater/install.cpp | 2 +- updater/updater.cpp | 2 ++ 3 files changed, 4 insertions(+), 2 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index e9c8ddbc0..faa7008c5 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -45,7 +45,7 @@ #include "install.h" #include "openssl/sha.h" #include "minzip/Hash.h" -#include "otafault/ota_io.h" +#include "ota_io.h" #include "print_sha1.h" #include "unique_fd.h" #include "updater.h" diff --git a/updater/install.cpp b/updater/install.cpp index b7d9e85a2..6ae1e5fbf 100644 --- a/updater/install.cpp +++ b/updater/install.cpp @@ -51,7 +51,7 @@ #include "minzip/DirUtil.h" #include "mtdutils/mounts.h" #include "mtdutils/mtdutils.h" -#include "otafault/ota_io.h" +#include "ota_io.h" #include "updater.h" #include "install.h" #include "tune2fs.h" diff --git a/updater/updater.cpp b/updater/updater.cpp index ddc01e125..1693fa1db 100644 --- a/updater/updater.cpp +++ b/updater/updater.cpp @@ -25,6 +25,7 @@ #include "blockimg.h" #include "minzip/Zip.h" #include "minzip/SysUtil.h" +#include "config.h" // Generated by the makefile, this function defines the // RegisterDeviceExtensions() function, which calls all the @@ -84,6 +85,7 @@ int main(int argc, char** argv) { argv[3], strerror(err)); return 3; } + ota_io_init(&za); const ZipEntry* script_entry = mzFindZipEntry(&za, SCRIPT_NAME); if (script_entry == NULL) { -- cgit v1.2.3 From 0188935d55206e8c2becb29e995f166cb7040355 Mon Sep 17 00:00:00 2001 From: Tianjie Xu Date: Tue, 22 Mar 2016 18:08:12 -0700 Subject: Skip stashing source blocks in verify mode Currently block_image_verify() stashes source blocks to /cache and in some case triggers I/O errors. To avoid this risk, We create a map from the hash value to the source blocks' range_set. When executing stash command in verify mode, source range is saved but block contents aren't stashed. And load_stash could get its value from either the stashed file from the previous update, or the contents on the source partition specified by the saved range. Bug: 27584487 Bug: 25633753 Change-Id: I775baf4bee55762b6e7b204f8294afc597afd996 --- updater/blockimg.cpp | 54 ++++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 46 insertions(+), 8 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index faa7008c5..c20bad904 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -33,6 +33,7 @@ #include #include +#include #include #include #include @@ -67,6 +68,8 @@ struct RangeSet { std::vector pos; // Actual limit is INT_MAX. }; +static std::map stash_map; + static void parse_range(const std::string& range_text, RangeSet& rs) { std::vector pieces = android::base::Split(range_text, ","); @@ -522,8 +525,28 @@ static void DeleteStash(const std::string& base) { } } -static int LoadStash(const std::string& base, const std::string& id, bool verify, size_t* blocks, - std::vector& buffer, bool printnoent) { +static int LoadStash(CommandParameters& params, const std::string& base, const std::string& id, + bool verify, size_t* blocks, std::vector& buffer, bool printnoent) { + // In verify mode, if source range_set was saved for the given hash, + // check contents in the source blocks first. If the check fails, + // search for the stashed files on /cache as usual. + if (!params.canwrite) { + if (stash_map.find(id) != stash_map.end()) { + const RangeSet& src = stash_map[id]; + allocate(src.size * BLOCKSIZE, buffer); + + if (ReadBlocks(src, buffer, params.fd) == -1) { + fprintf(stderr, "failed to read source blocks in stash map.\n"); + return -1; + } + if (VerifyBlocks(id, buffer, src.size, true) != 0) { + fprintf(stderr, "failed to verify loaded source blocks in stash map.\n"); + return -1; + } + return 0; + } + } + if (base.empty()) { return -1; } @@ -722,7 +745,7 @@ static int SaveStash(CommandParameters& params, const std::string& base, const std::string& id = params.tokens[params.cpos++]; size_t blocks = 0; - if (usehash && LoadStash(base, id, true, &blocks, buffer, false) == 0) { + if (usehash && LoadStash(params, base, id, true, &blocks, buffer, false) == 0) { // Stash file already exists and has expected contents. Do not // read from source again, as the source may have been already // overwritten during a previous attempt. @@ -747,6 +770,12 @@ static int SaveStash(CommandParameters& params, const std::string& base, return 0; } + // In verify mode, save source range_set instead of stashing blocks. + if (!params.canwrite && usehash) { + stash_map[id] = src; + return 0; + } + fprintf(stderr, "stashing %zu blocks to %s\n", blocks, id.c_str()); return WriteStash(base, id, blocks, buffer, false, nullptr); } @@ -857,7 +886,7 @@ static int LoadSrcTgtVersion2(CommandParameters& params, RangeSet& tgt, size_t& } std::vector stash; - int res = LoadStash(stashbase, tokens[0], false, nullptr, stash, true); + int res = LoadStash(params, stashbase, tokens[0], false, nullptr, stash, true); if (res == -1) { // These source blocks will fail verification if used later, but we @@ -931,8 +960,9 @@ static int LoadSrcTgtVersion3(CommandParameters& params, RangeSet& tgt, size_t& if (VerifyBlocks(srchash, params.buffer, src_blocks, true) == 0) { // If source and target blocks overlap, stash the source blocks so we can - // resume from possible write errors - if (overlap) { + // resume from possible write errors. In verify mode, we can skip stashing + // because the source blocks won't be overwritten. + if (overlap && params.canwrite) { fprintf(stderr, "stashing %zu overlapping blocks to %s\n", src_blocks, srchash.c_str()); @@ -953,7 +983,8 @@ static int LoadSrcTgtVersion3(CommandParameters& params, RangeSet& tgt, size_t& return 0; } - if (overlap && LoadStash(params.stashbase, srchash, true, nullptr, params.buffer, true) == 0) { + if (overlap && LoadStash(params, params.stashbase, srchash, true, nullptr, params.buffer, + true) == 0) { // Overlapping source blocks were previously stashed, command can proceed. // We are recovering from an interrupted command, so we don't know if the // stash can safely be deleted after this command. @@ -1028,8 +1059,15 @@ static int PerformCommandFree(CommandParameters& params) { return -1; } + const std::string& id = params.tokens[params.cpos++]; + + if (!params.canwrite && stash_map.find(id) != stash_map.end()) { + stash_map.erase(id); + return 0; + } + if (params.createdstash || params.canwrite) { - return FreeStash(params.stashbase, params.tokens[params.cpos++]); + return FreeStash(params.stashbase, id); } return 0; -- cgit v1.2.3 From dd874b1c87eb04f28db0db2629df0adde568a74c Mon Sep 17 00:00:00 2001 From: Tianjie Xu Date: Fri, 13 May 2016 12:13:15 -0700 Subject: Add time and I/O info to last_install One example of last_install is: /sideload/package.zip 1 time_total: 101 bytes_written_system: 14574000 bytes_stashed_system: 100 bytes_written_vendor: 5107400 bytes_stashed_vendor: 0 Bug: 28658632 Change-Id: I4bf79ea71a609068d38fbce6b41bcb892524aa7a --- updater/blockimg.cpp | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index c20bad904..d67af664a 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -373,6 +373,7 @@ struct CommandParameters { bool isunresumable; int version; size_t written; + size_t stashed; NewThreadInfo nti; pthread_t thread; std::vector buffer; @@ -777,6 +778,7 @@ static int SaveStash(CommandParameters& params, const std::string& base, } fprintf(stderr, "stashing %zu blocks to %s\n", blocks, id.c_str()); + params.stashed += blocks; return WriteStash(base, id, blocks, buffer, false, nullptr); } @@ -973,6 +975,7 @@ static int LoadSrcTgtVersion3(CommandParameters& params, RangeSet& tgt, size_t& return -1; } + params.stashed += src_blocks; // Can be deleted when the write has completed if (!stash_exists) { params.freestash = srchash; @@ -1517,8 +1520,17 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg pthread_join(params.thread, nullptr); fprintf(stderr, "wrote %zu blocks; expected %d\n", params.written, total_blocks); + fprintf(stderr, "stashed %zu blocks\n", params.stashed); fprintf(stderr, "max alloc needed was %zu\n", params.buffer.size()); + const char* partition = strrchr(blockdev_filename->data, '/'); + if (partition != nullptr && *(partition+1) != 0) { + fprintf(cmd_pipe, "log bytes_written_%s: %zu\n", partition + 1, + params.written * BLOCKSIZE); + fprintf(cmd_pipe, "log bytes_stashed_%s: %zu\n", partition + 1, + params.stashed * BLOCKSIZE); + fflush(cmd_pipe); + } // Delete stash only after successfully completing the update, as it // may contain blocks needed to complete the update later. DeleteStash(params.stashbase); -- cgit v1.2.3 From 162558382b768a4120b3e41090a4c7b53f11469a Mon Sep 17 00:00:00 2001 From: Tianjie Xu Date: Sat, 30 Apr 2016 11:49:59 -0700 Subject: Allow recovery to return error codes Write error code, cause code, and retry count into last_install. So we can have more information about the reason of a failed OTA. Example of new last_install: @/cache/recovery/block.map package name 0 install result retry: 1 retry count (new) error: 30 error code (new) cause: 12 error cause (new) Details in: go/android-ota-errorcode Bug: 28471955 Change-Id: I00e7153c821e7355c1be81a86c7f228108f3dc37 --- updater/blockimg.cpp | 81 +++++++++++++++++++++----------- updater/install.cpp | 129 ++++++++++++++++++++++++++++----------------------- updater/updater.cpp | 17 +++++++ 3 files changed, 141 insertions(+), 86 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index d67af664a..2efa1cd47 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -43,6 +43,7 @@ #include "applypatch/applypatch.h" #include "edify/expr.h" +#include "error_code.h" #include "install.h" #include "openssl/sha.h" #include "minzip/Hash.h" @@ -68,6 +69,7 @@ struct RangeSet { std::vector pos; // Actual limit is INT_MAX. }; +static CauseCode failure_type = kNoCause; static std::map stash_map; static void parse_range(const std::string& range_text, RangeSet& rs) { @@ -145,6 +147,7 @@ static int read_all(int fd, uint8_t* data, size_t size) { while (so_far < size) { ssize_t r = TEMP_FAILURE_RETRY(ota_read(fd, data+so_far, size-so_far)); if (r == -1) { + failure_type = kFreadFailure; fprintf(stderr, "read failed: %s\n", strerror(errno)); return -1; } @@ -162,6 +165,7 @@ static int write_all(int fd, const uint8_t* data, size_t size) { while (written < size) { ssize_t w = TEMP_FAILURE_RETRY(ota_write(fd, data+written, size-written)); if (w == -1) { + failure_type = kFwriteFailure; fprintf(stderr, "write failed: %s\n", strerror(errno)); return -1; } @@ -178,6 +182,7 @@ static int write_all(int fd, const std::vector& buffer, size_t size) { static bool check_lseek(int fd, off64_t offset, int whence) { off64_t rc = TEMP_FAILURE_RETRY(lseek64(fd, offset, whence)); if (rc == -1) { + failure_type = kLseekFailure; fprintf(stderr, "lseek64 failed: %s\n", strerror(errno)); return false; } @@ -648,6 +653,7 @@ static int WriteStash(const std::string& base, const std::string& id, int blocks } if (ota_fsync(fd) == -1) { + failure_type = kFsyncFailure; fprintf(stderr, "fsync \"%s\" failed: %s\n", fn.c_str(), strerror(errno)); return -1; } @@ -663,11 +669,13 @@ static int WriteStash(const std::string& base, const std::string& id, int blocks unique_fd dfd_holder(dfd); if (dfd == -1) { + failure_type = kFileOpenFailure; fprintf(stderr, "failed to open \"%s\" failed: %s\n", dname.c_str(), strerror(errno)); return -1; } if (ota_fsync(dfd) == -1) { + failure_type = kFsyncFailure; fprintf(stderr, "fsync \"%s\" failed: %s\n", dname.c_str(), strerror(errno)); return -1; } @@ -696,19 +704,21 @@ static int CreateStash(State* state, int maxblocks, const char* blockdev, std::s int res = stat(dirname.c_str(), &sb); if (res == -1 && errno != ENOENT) { - ErrorAbort(state, "stat \"%s\" failed: %s\n", dirname.c_str(), strerror(errno)); + ErrorAbort(state, kStashCreationFailure, "stat \"%s\" failed: %s\n", + dirname.c_str(), strerror(errno)); return -1; } else if (res != 0) { fprintf(stderr, "creating stash %s\n", dirname.c_str()); res = mkdir(dirname.c_str(), STASH_DIRECTORY_MODE); if (res != 0) { - ErrorAbort(state, "mkdir \"%s\" failed: %s\n", dirname.c_str(), strerror(errno)); + ErrorAbort(state, kStashCreationFailure, "mkdir \"%s\" failed: %s\n", + dirname.c_str(), strerror(errno)); return -1; } if (CacheSizeCheck(maxblocks * BLOCKSIZE) != 0) { - ErrorAbort(state, "not enough space for stash\n"); + ErrorAbort(state, kStashCreationFailure, "not enough space for stash\n"); return -1; } @@ -728,7 +738,8 @@ static int CreateStash(State* state, int maxblocks, const char* blockdev, std::s size = maxblocks * BLOCKSIZE - size; if (size > 0 && CacheSizeCheck(size) != 0) { - ErrorAbort(state, "not enough space for stash (%d more needed)\n", size); + ErrorAbort(state, kStashCreationFailure, "not enough space for stash (%d more needed)\n", + size); return -1; } @@ -1346,19 +1357,21 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg std::unique_ptr patch_data_fn_holder(patch_data_fn, FreeValue); if (blockdev_filename->type != VAL_STRING) { - ErrorAbort(state, "blockdev_filename argument to %s must be string", name); + ErrorAbort(state, kArgsParsingFailure, "blockdev_filename argument to %s must be string", + name); return StringValue(strdup("")); } if (transfer_list_value->type != VAL_BLOB) { - ErrorAbort(state, "transfer_list argument to %s must be blob", name); + ErrorAbort(state, kArgsParsingFailure, "transfer_list argument to %s must be blob", name); return StringValue(strdup("")); } if (new_data_fn->type != VAL_STRING) { - ErrorAbort(state, "new_data_fn argument to %s must be string", name); + ErrorAbort(state, kArgsParsingFailure, "new_data_fn argument to %s must be string", name); return StringValue(strdup("")); } if (patch_data_fn->type != VAL_STRING) { - ErrorAbort(state, "patch_data_fn argument to %s must be string", name); + ErrorAbort(state, kArgsParsingFailure, "patch_data_fn argument to %s must be string", + name); return StringValue(strdup("")); } @@ -1418,7 +1431,8 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg const std::string transfer_list(transfer_list_value->data, transfer_list_value->size); std::vector lines = android::base::Split(transfer_list, "\n"); if (lines.size() < 2) { - ErrorAbort(state, "too few lines in the transfer list [%zd]\n", lines.size()); + ErrorAbort(state, kArgsParsingFailure, "too few lines in the transfer list [%zd]\n", + lines.size()); return StringValue(strdup("")); } @@ -1433,7 +1447,7 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg // Second line in transfer list is the total number of blocks we expect to write int total_blocks; if (!android::base::ParseInt(lines[1].c_str(), &total_blocks, 0)) { - ErrorAbort(state, "unexpected block count [%s]\n", lines[1].c_str()); + ErrorAbort(state, kArgsParsingFailure, "unexpected block count [%s]\n", lines[1].c_str()); return StringValue(strdup("")); } @@ -1444,7 +1458,8 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg size_t start = 2; if (params.version >= 2) { if (lines.size() < 4) { - ErrorAbort(state, "too few lines in the transfer list [%zu]\n", lines.size()); + ErrorAbort(state, kArgsParsingFailure, "too few lines in the transfer list [%zu]\n", + lines.size()); return StringValue(strdup("")); } @@ -1454,7 +1469,8 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg // Fourth line is the maximum number of blocks that will be stashed simultaneously int stash_max_blocks; if (!android::base::ParseInt(lines[3].c_str(), &stash_max_blocks, 0)) { - ErrorAbort(state, "unexpected maximum stash blocks [%s]\n", lines[3].c_str()); + ErrorAbort(state, kArgsParsingFailure, "unexpected maximum stash blocks [%s]\n", + lines[3].c_str()); return StringValue(strdup("")); } @@ -1508,6 +1524,7 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg if (params.canwrite) { if (ota_fsync(params.fd) == -1) { + failure_type = kFsyncFailure; fprintf(stderr, "fsync failed: %s\n", strerror(errno)); goto pbiudone; } @@ -1542,6 +1559,7 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg pbiudone: if (ota_fsync(params.fd) == -1) { + failure_type = kFsyncFailure; fprintf(stderr, "fsync failed: %s\n", strerror(errno)); } // params.fd will be automatically closed because of the fd_holder above. @@ -1552,6 +1570,10 @@ pbiudone: DeleteStash(params.stashbase); } + if (failure_type != kNoCause && state->cause_code == kNoCause) { + state->cause_code = failure_type; + } + return StringValue(rc == 0 ? strdup("t") : strdup("")); } @@ -1657,18 +1679,20 @@ Value* RangeSha1Fn(const char* name, State* state, int /* argc */, Expr* argv[]) FreeValue); if (blockdev_filename->type != VAL_STRING) { - ErrorAbort(state, "blockdev_filename argument to %s must be string", name); + ErrorAbort(state, kArgsParsingFailure, "blockdev_filename argument to %s must be string", + name); return StringValue(strdup("")); } if (ranges->type != VAL_STRING) { - ErrorAbort(state, "ranges argument to %s must be string", name); + ErrorAbort(state, kArgsParsingFailure, "ranges argument to %s must be string", name); return StringValue(strdup("")); } int fd = open(blockdev_filename->data, O_RDWR); unique_fd fd_holder(fd); if (fd < 0) { - ErrorAbort(state, "open \"%s\" failed: %s", blockdev_filename->data, strerror(errno)); + ErrorAbort(state, kFileOpenFailure, "open \"%s\" failed: %s", blockdev_filename->data, + strerror(errno)); return StringValue(strdup("")); } @@ -1681,13 +1705,14 @@ Value* RangeSha1Fn(const char* name, State* state, int /* argc */, Expr* argv[]) std::vector buffer(BLOCKSIZE); for (size_t i = 0; i < rs.count; ++i) { if (!check_lseek(fd, (off64_t)rs.pos[i*2] * BLOCKSIZE, SEEK_SET)) { - ErrorAbort(state, "failed to seek %s: %s", blockdev_filename->data, strerror(errno)); + ErrorAbort(state, kLseekFailure, "failed to seek %s: %s", blockdev_filename->data, + strerror(errno)); return StringValue(strdup("")); } for (size_t j = rs.pos[i*2]; j < rs.pos[i*2+1]; ++j) { if (read_all(fd, buffer, BLOCKSIZE) == -1) { - ErrorAbort(state, "failed to read %s: %s", blockdev_filename->data, + ErrorAbort(state, kFreadFailure, "failed to read %s: %s", blockdev_filename->data, strerror(errno)); return StringValue(strdup("")); } @@ -1715,14 +1740,15 @@ Value* CheckFirstBlockFn(const char* name, State* state, int argc, Expr* argv[]) std::unique_ptr filename(arg_filename, FreeValue); if (filename->type != VAL_STRING) { - ErrorAbort(state, "filename argument to %s must be string", name); + ErrorAbort(state, kArgsParsingFailure, "filename argument to %s must be string", name); return StringValue(strdup("")); } int fd = open(arg_filename->data, O_RDONLY); unique_fd fd_holder(fd); if (fd == -1) { - ErrorAbort(state, "open \"%s\" failed: %s", arg_filename->data, strerror(errno)); + ErrorAbort(state, kFileOpenFailure, "open \"%s\" failed: %s", arg_filename->data, + strerror(errno)); return StringValue(strdup("")); } @@ -1730,7 +1756,7 @@ Value* CheckFirstBlockFn(const char* name, State* state, int argc, Expr* argv[]) std::vector block0_buffer(BLOCKSIZE); if (ReadBlocks(blk0, block0_buffer, fd) == -1) { - ErrorAbort(state, "failed to read %s: %s", arg_filename->data, + ErrorAbort(state, kFreadFailure, "failed to read %s: %s", arg_filename->data, strerror(errno)); return StringValue(strdup("")); } @@ -1766,11 +1792,11 @@ Value* BlockImageRecoverFn(const char* name, State* state, int argc, Expr* argv[ std::unique_ptr ranges(arg_ranges, FreeValue); if (filename->type != VAL_STRING) { - ErrorAbort(state, "filename argument to %s must be string", name); + ErrorAbort(state, kArgsParsingFailure, "filename argument to %s must be string", name); return StringValue(strdup("")); } if (ranges->type != VAL_STRING) { - ErrorAbort(state, "ranges argument to %s must be string", name); + ErrorAbort(state, kArgsParsingFailure, "ranges argument to %s must be string", name); return StringValue(strdup("")); } @@ -1781,19 +1807,20 @@ Value* BlockImageRecoverFn(const char* name, State* state, int argc, Expr* argv[ fec::io fh(filename->data, O_RDWR); if (!fh) { - ErrorAbort(state, "fec_open \"%s\" failed: %s", filename->data, strerror(errno)); + ErrorAbort(state, kLibfecFailure, "fec_open \"%s\" failed: %s", filename->data, + strerror(errno)); return StringValue(strdup("")); } if (!fh.has_ecc() || !fh.has_verity()) { - ErrorAbort(state, "unable to use metadata to correct errors"); + ErrorAbort(state, kLibfecFailure, "unable to use metadata to correct errors"); return StringValue(strdup("")); } fec_status status; if (!fh.get_status(status)) { - ErrorAbort(state, "failed to read FEC status"); + ErrorAbort(state, kLibfecFailure, "failed to read FEC status"); return StringValue(strdup("")); } @@ -1810,8 +1837,8 @@ Value* BlockImageRecoverFn(const char* name, State* state, int argc, Expr* argv[ } if (fh.pread(buffer, BLOCKSIZE, (off64_t)j * BLOCKSIZE) != BLOCKSIZE) { - ErrorAbort(state, "failed to recover %s (block %zu): %s", filename->data, - j, strerror(errno)); + ErrorAbort(state, kLibfecFailure, "failed to recover %s (block %zu): %s", + filename->data, j, strerror(errno)); return StringValue(strdup("")); } diff --git a/updater/install.cpp b/updater/install.cpp index 6ae1e5fbf..1a647dfa5 100644 --- a/updater/install.cpp +++ b/updater/install.cpp @@ -47,10 +47,11 @@ #include "cutils/misc.h" #include "cutils/properties.h" #include "edify/expr.h" -#include "openssl/sha.h" +#include "error_code.h" #include "minzip/DirUtil.h" #include "mtdutils/mounts.h" #include "mtdutils/mtdutils.h" +#include "openssl/sha.h" #include "ota_io.h" #include "updater.h" #include "install.h" @@ -113,7 +114,7 @@ char* PrintSha1(const uint8_t* digest) { Value* MountFn(const char* name, State* state, int argc, Expr* argv[]) { char* result = NULL; if (argc != 4 && argc != 5) { - return ErrorAbort(state, "%s() expects 4-5 args, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects 4-5 args, got %d", name, argc); } char* fs_type; char* partition_type; @@ -136,20 +137,21 @@ Value* MountFn(const char* name, State* state, int argc, Expr* argv[]) { } if (strlen(fs_type) == 0) { - ErrorAbort(state, "fs_type argument to %s() can't be empty", name); + ErrorAbort(state, kArgsParsingFailure, "fs_type argument to %s() can't be empty", name); goto done; } if (strlen(partition_type) == 0) { - ErrorAbort(state, "partition_type argument to %s() can't be empty", + ErrorAbort(state, kArgsParsingFailure, "partition_type argument to %s() can't be empty", name); goto done; } if (strlen(location) == 0) { - ErrorAbort(state, "location argument to %s() can't be empty", name); + ErrorAbort(state, kArgsParsingFailure, "location argument to %s() can't be empty", name); goto done; } if (strlen(mount_point) == 0) { - ErrorAbort(state, "mount_point argument to %s() can't be empty", name); + ErrorAbort(state, kArgsParsingFailure, "mount_point argument to %s() can't be empty", + name); goto done; } @@ -212,14 +214,14 @@ done: Value* IsMountedFn(const char* name, State* state, int argc, Expr* argv[]) { char* result = NULL; if (argc != 1) { - return ErrorAbort(state, "%s() expects 1 arg, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects 1 arg, got %d", name, argc); } char* mount_point; if (ReadArgs(state, argv, 1, &mount_point) < 0) { return NULL; } if (strlen(mount_point) == 0) { - ErrorAbort(state, "mount_point argument to unmount() can't be empty"); + ErrorAbort(state, kArgsParsingFailure, "mount_point argument to unmount() can't be empty"); goto done; } @@ -242,14 +244,14 @@ done: Value* UnmountFn(const char* name, State* state, int argc, Expr* argv[]) { char* result = NULL; if (argc != 1) { - return ErrorAbort(state, "%s() expects 1 arg, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects 1 arg, got %d", name, argc); } char* mount_point; if (ReadArgs(state, argv, 1, &mount_point) < 0) { return NULL; } if (strlen(mount_point) == 0) { - ErrorAbort(state, "mount_point argument to unmount() can't be empty"); + ErrorAbort(state, kArgsParsingFailure, "mount_point argument to unmount() can't be empty"); goto done; } @@ -300,7 +302,7 @@ static int exec_cmd(const char* path, char* const argv[]) { Value* FormatFn(const char* name, State* state, int argc, Expr* argv[]) { char* result = NULL; if (argc != 5) { - return ErrorAbort(state, "%s() expects 5 args, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects 5 args, got %d", name, argc); } char* fs_type; char* partition_type; @@ -313,21 +315,22 @@ Value* FormatFn(const char* name, State* state, int argc, Expr* argv[]) { } if (strlen(fs_type) == 0) { - ErrorAbort(state, "fs_type argument to %s() can't be empty", name); + ErrorAbort(state, kArgsParsingFailure, "fs_type argument to %s() can't be empty", name); goto done; } if (strlen(partition_type) == 0) { - ErrorAbort(state, "partition_type argument to %s() can't be empty", + ErrorAbort(state, kArgsParsingFailure, "partition_type argument to %s() can't be empty", name); goto done; } if (strlen(location) == 0) { - ErrorAbort(state, "location argument to %s() can't be empty", name); + ErrorAbort(state, kArgsParsingFailure, "location argument to %s() can't be empty", name); goto done; } if (strlen(mount_point) == 0) { - ErrorAbort(state, "mount_point argument to %s() can't be empty", name); + ErrorAbort(state, kArgsParsingFailure, "mount_point argument to %s() can't be empty", + name); goto done; } @@ -402,7 +405,7 @@ done: Value* RenameFn(const char* name, State* state, int argc, Expr* argv[]) { char* result = NULL; if (argc != 2) { - return ErrorAbort(state, "%s() expects 2 args, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects 2 args, got %d", name, argc); } char* src_name; @@ -412,21 +415,21 @@ Value* RenameFn(const char* name, State* state, int argc, Expr* argv[]) { return NULL; } if (strlen(src_name) == 0) { - ErrorAbort(state, "src_name argument to %s() can't be empty", name); + ErrorAbort(state, kArgsParsingFailure, "src_name argument to %s() can't be empty", name); goto done; } if (strlen(dst_name) == 0) { - ErrorAbort(state, "dst_name argument to %s() can't be empty", name); + ErrorAbort(state, kArgsParsingFailure, "dst_name argument to %s() can't be empty", name); goto done; } if (make_parents(dst_name) != 0) { - ErrorAbort(state, "Creating parent of %s failed, error %s", + ErrorAbort(state, kFileRenameFailure, "Creating parent of %s failed, error %s", dst_name, strerror(errno)); } else if (access(dst_name, F_OK) == 0 && access(src_name, F_OK) != 0) { // File was already moved result = dst_name; } else if (rename(src_name, dst_name) != 0) { - ErrorAbort(state, "Rename of %s to %s failed, error %s", + ErrorAbort(state, kFileRenameFailure, "Rename of %s to %s failed, error %s", src_name, dst_name, strerror(errno)); } else { result = dst_name; @@ -469,7 +472,7 @@ Value* DeleteFn(const char* name, State* state, int argc, Expr* argv[]) { Value* ShowProgressFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc != 2) { - return ErrorAbort(state, "%s() expects 2 args, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects 2 args, got %d", name, argc); } char* frac_str; char* sec_str; @@ -490,7 +493,7 @@ Value* ShowProgressFn(const char* name, State* state, int argc, Expr* argv[]) { Value* SetProgressFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc != 1) { - return ErrorAbort(state, "%s() expects 1 arg, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects 1 arg, got %d", name, argc); } char* frac_str; if (ReadArgs(state, argv, 1, &frac_str) < 0) { @@ -509,7 +512,7 @@ Value* SetProgressFn(const char* name, State* state, int argc, Expr* argv[]) { Value* PackageExtractDirFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc != 2) { - return ErrorAbort(state, "%s() expects 2 args, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects 2 args, got %d", name, argc); } char* zip_path; char* dest_path; @@ -537,7 +540,7 @@ Value* PackageExtractDirFn(const char* name, State* state, Value* PackageExtractFileFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc < 1 || argc > 2) { - return ErrorAbort(state, "%s() expects 1 or 2 args, got %d", + return ErrorAbort(state, kArgsParsingFailure, "%s() expects 1 or 2 args, got %d", name, argc); } bool success = false; @@ -645,7 +648,7 @@ static int make_parents(char* name) { // unlinks any previously existing src1, src2, etc before creating symlinks. Value* SymlinkFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc == 0) { - return ErrorAbort(state, "%s() expects 1+ args, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects 1+ args, got %d", name, argc); } char* target; target = Evaluate(state, argv[0]); @@ -681,7 +684,7 @@ Value* SymlinkFn(const char* name, State* state, int argc, Expr* argv[]) { } free(srcs); if (bad) { - return ErrorAbort(state, "%s: some symlinks failed", name); + return ErrorAbort(state, kSymlinkFailure, "%s: some symlinks failed", name); } return StringValue(strdup("")); } @@ -905,14 +908,16 @@ static Value* SetMetadataFn(const char* name, State* state, int argc, Expr* argv bool recursive = (strcmp(name, "set_metadata_recursive") == 0); if ((argc % 2) != 1) { - return ErrorAbort(state, "%s() expects an odd number of arguments, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, + "%s() expects an odd number of arguments, got %d", name, argc); } char** args = ReadVarArgs(state, argc, argv); if (args == NULL) return NULL; if (lstat(args[0], &sb) == -1) { - result = ErrorAbort(state, "%s: Error on lstat of \"%s\": %s", name, args[0], strerror(errno)); + result = ErrorAbort(state, kSetMetadataFailure, "%s: Error on lstat of \"%s\": %s", + name, args[0], strerror(errno)); goto done; } @@ -941,7 +946,7 @@ done: } if (bad > 0) { - return ErrorAbort(state, "%s: some changes failed", name); + return ErrorAbort(state, kSetMetadataFailure, "%s: some changes failed", name); } return StringValue(strdup("")); @@ -949,7 +954,7 @@ done: Value* GetPropFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc != 1) { - return ErrorAbort(state, "%s() expects 1 arg, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects 1 arg, got %d", name, argc); } char* key = Evaluate(state, argv[0]); if (key == NULL) return NULL; @@ -978,32 +983,36 @@ Value* FileGetPropFn(const char* name, State* state, int argc, Expr* argv[]) { struct stat st; if (stat(filename, &st) < 0) { - ErrorAbort(state, "%s: failed to stat \"%s\": %s", name, filename, strerror(errno)); + ErrorAbort(state, kFileGetPropFailure, "%s: failed to stat \"%s\": %s", name, filename, + strerror(errno)); goto done; } #define MAX_FILE_GETPROP_SIZE 65536 if (st.st_size > MAX_FILE_GETPROP_SIZE) { - ErrorAbort(state, "%s too large for %s (max %d)", filename, name, MAX_FILE_GETPROP_SIZE); + ErrorAbort(state, kFileGetPropFailure, "%s too large for %s (max %d)", filename, name, + MAX_FILE_GETPROP_SIZE); goto done; } buffer = reinterpret_cast(malloc(st.st_size+1)); if (buffer == NULL) { - ErrorAbort(state, "%s: failed to alloc %lld bytes", name, (long long)st.st_size+1); + ErrorAbort(state, kFileGetPropFailure, "%s: failed to alloc %lld bytes", name, + (long long)st.st_size+1); goto done; } FILE* f; f = fopen(filename, "rb"); if (f == NULL) { - ErrorAbort(state, "%s: failed to open %s: %s", name, filename, strerror(errno)); + ErrorAbort(state, kFileOpenFailure, "%s: failed to open %s: %s", name, filename, + strerror(errno)); goto done; } if (ota_fread(buffer, 1, st.st_size, f) != static_cast(st.st_size)) { - ErrorAbort(state, "%s: failed to read %lld bytes from %s", + ErrorAbort(state, kFreadFailure, "%s: failed to read %lld bytes from %s", name, (long long)st.st_size+1, filename); fclose(f); goto done; @@ -1069,16 +1078,16 @@ Value* WriteRawImageFn(const char* name, State* state, int argc, Expr* argv[]) { char* partition = NULL; if (partition_value->type != VAL_STRING) { - ErrorAbort(state, "partition argument to %s must be string", name); + ErrorAbort(state, kArgsParsingFailure, "partition argument to %s must be string", name); goto done; } partition = partition_value->data; if (strlen(partition) == 0) { - ErrorAbort(state, "partition argument to %s can't be empty", name); + ErrorAbort(state, kArgsParsingFailure, "partition argument to %s can't be empty", name); goto done; } if (contents->type == VAL_STRING && strlen((char*) contents->data) == 0) { - ErrorAbort(state, "file argument to %s can't be empty", name); + ErrorAbort(state, kArgsParsingFailure, "file argument to %s can't be empty", name); goto done; } @@ -1159,7 +1168,8 @@ Value* ApplyPatchSpaceFn(const char* name, State* state, size_t bytes; if (!android::base::ParseUint(bytes_str, &bytes)) { - ErrorAbort(state, "%s(): can't parse \"%s\" as byte count\n\n", name, bytes_str); + ErrorAbort(state, kArgsParsingFailure, "%s(): can't parse \"%s\" as byte count\n\n", + name, bytes_str); free(bytes_str); return nullptr; } @@ -1171,9 +1181,8 @@ Value* ApplyPatchSpaceFn(const char* name, State* state, Value* ApplyPatchFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc < 6 || (argc % 2) == 1) { - return ErrorAbort(state, "%s(): expected at least 6 args and an " - "even number, got %d", - name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s(): expected at least 6 args and an " + "even number, got %d", name, argc); } char* source_filename; @@ -1187,7 +1196,8 @@ Value* ApplyPatchFn(const char* name, State* state, int argc, Expr* argv[]) { size_t target_size; if (!android::base::ParseUint(target_size_str, &target_size)) { - ErrorAbort(state, "%s(): can't parse \"%s\" as byte count", name, target_size_str); + ErrorAbort(state, kArgsParsingFailure, "%s(): can't parse \"%s\" as byte count", + name, target_size_str); free(source_filename); free(target_filename); free(target_sha1); @@ -1211,11 +1221,11 @@ Value* ApplyPatchFn(const char* name, State* state, int argc, Expr* argv[]) { for (int i = 0; i < patchcount; ++i) { if (patch_shas[i]->type != VAL_STRING) { - ErrorAbort(state, "%s(): sha-1 #%d is not string", name, i); + ErrorAbort(state, kArgsParsingFailure, "%s(): sha-1 #%d is not string", name, i); return nullptr; } if (patches[i]->type != VAL_BLOB) { - ErrorAbort(state, "%s(): patch #%d is not blob", name, i); + ErrorAbort(state, kArgsParsingFailure, "%s(): patch #%d is not blob", name, i); return nullptr; } } @@ -1238,7 +1248,7 @@ Value* ApplyPatchFn(const char* name, State* state, int argc, Expr* argv[]) { Value* ApplyPatchCheckFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc < 1) { - return ErrorAbort(state, "%s(): expected at least 1 arg, got %d", + return ErrorAbort(state, kArgsParsingFailure, "%s(): expected at least 1 arg, got %d", name, argc); } @@ -1283,7 +1293,7 @@ Value* UIPrintFn(const char* name, State* state, int argc, Expr* argv[]) { Value* WipeCacheFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc != 0) { - return ErrorAbort(state, "%s() expects no args, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects no args, got %d", name, argc); } fprintf(((UpdaterInfo*)(state->cookie))->cmd_pipe, "wipe_cache\n"); return StringValue(strdup("t")); @@ -1291,7 +1301,7 @@ Value* WipeCacheFn(const char* name, State* state, int argc, Expr* argv[]) { Value* RunProgramFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc < 1) { - return ErrorAbort(state, "%s() expects at least 1 arg", name); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects at least 1 arg", name); } char** args = ReadVarArgs(state, argc, argv); if (args == NULL) { @@ -1345,7 +1355,7 @@ Value* RunProgramFn(const char* name, State* state, int argc, Expr* argv[]) { // Value* Sha1CheckFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc < 1) { - return ErrorAbort(state, "%s() expects at least 1 arg", name); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects at least 1 arg", name); } std::unique_ptr arg_values(ReadValueVarArgs(state, argc, argv), free); @@ -1393,7 +1403,7 @@ Value* Sha1CheckFn(const char* name, State* state, int argc, Expr* argv[]) { // is actually a FileContents*). Value* ReadFileFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc != 1) { - return ErrorAbort(state, "%s() expects 1 arg, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects 1 arg, got %d", name, argc); } char* filename; if (ReadArgs(state, argv, 1, &filename) < 0) return NULL; @@ -1429,7 +1439,7 @@ Value* ReadFileFn(const char* name, State* state, int argc, Expr* argv[]) { // partition. Value* RebootNowFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc != 2) { - return ErrorAbort(state, "%s() expects 2 args, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects 2 args, got %d", name, argc); } char* filename; @@ -1455,7 +1465,7 @@ Value* RebootNowFn(const char* name, State* state, int argc, Expr* argv[]) { sleep(5); free(property); - ErrorAbort(state, "%s() failed to reboot", name); + ErrorAbort(state, kRebootFailure, "%s() failed to reboot", name); return NULL; } @@ -1471,7 +1481,7 @@ Value* RebootNowFn(const char* name, State* state, int argc, Expr* argv[]) { // bytes. Value* SetStageFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc != 2) { - return ErrorAbort(state, "%s() expects 2 args, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects 2 args, got %d", name, argc); } char* filename; @@ -1501,7 +1511,7 @@ Value* SetStageFn(const char* name, State* state, int argc, Expr* argv[]) { // is the block device for the misc partition. Value* GetStageFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc != 1) { - return ErrorAbort(state, "%s() expects 1 arg, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects 1 arg, got %d", name, argc); } char* filename; @@ -1519,7 +1529,7 @@ Value* GetStageFn(const char* name, State* state, int argc, Expr* argv[]) { Value* WipeBlockDeviceFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc != 2) { - return ErrorAbort(state, "%s() expects 2 args, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects 2 args, got %d", name, argc); } char* filename; @@ -1541,7 +1551,7 @@ Value* WipeBlockDeviceFn(const char* name, State* state, int argc, Expr* argv[]) Value* EnableRebootFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc != 0) { - return ErrorAbort(state, "%s() expects no args, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects no args, got %d", name, argc); } UpdaterInfo* ui = (UpdaterInfo*)(state->cookie); fprintf(ui->cmd_pipe, "enable_reboot\n"); @@ -1550,12 +1560,12 @@ Value* EnableRebootFn(const char* name, State* state, int argc, Expr* argv[]) { Value* Tune2FsFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc == 0) { - return ErrorAbort(state, "%s() expects args, got %d", name, argc); + return ErrorAbort(state, kArgsParsingFailure, "%s() expects args, got %d", name, argc); } char** args = ReadVarArgs(state, argc, argv); if (args == NULL) { - return ErrorAbort(state, "%s() could not read args", name); + return ErrorAbort(state, kArgsParsingFailure, "%s() could not read args", name); } char** args2 = reinterpret_cast(malloc(sizeof(char*) * (argc+1))); @@ -1573,7 +1583,8 @@ Value* Tune2FsFn(const char* name, State* state, int argc, Expr* argv[]) { free(args2[0]); free(args2); if (result != 0) { - return ErrorAbort(state, "%s() returned error code %d", name, result); + return ErrorAbort(state, kTune2FsFailure, "%s() returned error code %d", + name, result); } return StringValue(strdup("t")); } diff --git a/updater/updater.cpp b/updater/updater.cpp index 1693fa1db..b5db71e2a 100644 --- a/updater/updater.cpp +++ b/updater/updater.cpp @@ -156,11 +156,28 @@ int main(int argc, char** argv) { printf("script aborted: %s\n", state.errmsg); char* line = strtok(state.errmsg, "\n"); while (line) { + // Parse the error code in abort message. + // Example: "E30: This package is for bullhead devices." + if (*line == 'E') { + if (sscanf(line, "E%u: ", &state.error_code) != 1) { + printf("Failed to parse error code: [%s]\n", line); + } + } fprintf(cmd_pipe, "ui_print %s\n", line); line = strtok(NULL, "\n"); } fprintf(cmd_pipe, "ui_print\n"); } + + if (state.error_code != kNoError) { + fprintf(cmd_pipe, "log error: %d\n", state.error_code); + // Cause code should provide additional information about the abort; + // report only when an error exists. + if (state.cause_code != kNoCause) { + fprintf(cmd_pipe, "log cause: %d\n", state.cause_code); + } + } + free(state.errmsg); return 7; } else { -- cgit v1.2.3 From 7ce287d432dd3a4dc8841fc59e11ee1a0b7808a1 Mon Sep 17 00:00:00 2001 From: Tianjie Xu Date: Tue, 31 May 2016 09:29:49 -0700 Subject: Call ioctl before each write on retry If the update is a retry, ioctl(BLKDISCARD) the destination blocks before writing to these blocks. Bug: 28990135 Change-Id: I1e703808e68ebb1292cd66afd76be8fd6946ee59 --- updater/blockimg.cpp | 59 +++++++++++++++++++++++++++++++++++++++++++++------- updater/updater.cpp | 10 ++++++++- 2 files changed, 61 insertions(+), 8 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index 2efa1cd47..f7955566d 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -70,6 +70,7 @@ struct RangeSet { }; static CauseCode failure_type = kNoCause; +static bool is_retry = false; static std::map stash_map; static void parse_range(const std::string& range_text, RangeSet& rs) { @@ -179,6 +180,21 @@ static int write_all(int fd, const std::vector& buffer, size_t size) { return write_all(fd, buffer.data(), size); } +static bool discard_blocks(int fd, off64_t offset, uint64_t size) { + // Don't discard blocks unless the update is a retry run. + if (!is_retry) { + return true; + } + + uint64_t args[2] = {static_cast(offset), size}; + int status = ioctl(fd, BLKDISCARD, &args); + if (status == -1) { + fprintf(stderr, "BLKDISCARD ioctl failed: %s\n", strerror(errno)); + return false; + } + return true; +} + static bool check_lseek(int fd, off64_t offset, int whence) { off64_t rc = TEMP_FAILURE_RETRY(lseek64(fd, offset, whence)); if (rc == -1) { @@ -238,10 +254,15 @@ static ssize_t RangeSinkWrite(const uint8_t* data, ssize_t size, void* token) { rss->p_remain = (rss->tgt.pos[rss->p_block * 2 + 1] - rss->tgt.pos[rss->p_block * 2]) * BLOCKSIZE; - if (!check_lseek(rss->fd, (off64_t)rss->tgt.pos[rss->p_block*2] * BLOCKSIZE, - SEEK_SET)) { + off64_t offset = static_cast(rss->tgt.pos[rss->p_block*2]) * BLOCKSIZE; + if (!discard_blocks(rss->fd, offset, rss->p_remain)) { + break; + } + + if (!check_lseek(rss->fd, offset, SEEK_SET)) { break; } + } else { // we can't write any more; return how many bytes have // been written so far. @@ -347,11 +368,15 @@ static int WriteBlocks(const RangeSet& tgt, const std::vector& buffer, size_t p = 0; for (size_t i = 0; i < tgt.count; ++i) { - if (!check_lseek(fd, (off64_t) tgt.pos[i * 2] * BLOCKSIZE, SEEK_SET)) { + off64_t offset = static_cast(tgt.pos[i * 2]) * BLOCKSIZE; + size_t size = (tgt.pos[i * 2 + 1] - tgt.pos[i * 2]) * BLOCKSIZE; + if (!discard_blocks(fd, offset, size)) { return -1; } - size_t size = (tgt.pos[i * 2 + 1] - tgt.pos[i * 2]) * BLOCKSIZE; + if (!check_lseek(fd, offset, SEEK_SET)) { + return -1; + } if (write_all(fd, data + p, size) == -1) { return -1; @@ -1104,7 +1129,13 @@ static int PerformCommandZero(CommandParameters& params) { if (params.canwrite) { for (size_t i = 0; i < tgt.count; ++i) { - if (!check_lseek(params.fd, (off64_t) tgt.pos[i * 2] * BLOCKSIZE, SEEK_SET)) { + off64_t offset = static_cast(tgt.pos[i * 2]) * BLOCKSIZE; + size_t size = (tgt.pos[i * 2 + 1] - tgt.pos[i * 2]) * BLOCKSIZE; + if (!discard_blocks(params.fd, offset, size)) { + return -1; + } + + if (!check_lseek(params.fd, offset, SEEK_SET)) { return -1; } @@ -1143,7 +1174,12 @@ static int PerformCommandNew(CommandParameters& params) { rss.p_block = 0; rss.p_remain = (tgt.pos[1] - tgt.pos[0]) * BLOCKSIZE; - if (!check_lseek(params.fd, (off64_t) tgt.pos[0] * BLOCKSIZE, SEEK_SET)) { + off64_t offset = static_cast(tgt.pos[0]) * BLOCKSIZE; + if (!discard_blocks(params.fd, offset, tgt.size * BLOCKSIZE)) { + return -1; + } + + if (!check_lseek(params.fd, offset, SEEK_SET)) { return -1; } @@ -1221,7 +1257,12 @@ static int PerformCommandDiff(CommandParameters& params) { rss.p_block = 0; rss.p_remain = (tgt.pos[1] - tgt.pos[0]) * BLOCKSIZE; - if (!check_lseek(params.fd, (off64_t) tgt.pos[0] * BLOCKSIZE, SEEK_SET)) { + off64_t offset = static_cast(tgt.pos[0]) * BLOCKSIZE; + if (!discard_blocks(params.fd, offset, rss.p_remain)) { + return -1; + } + + if (!check_lseek(params.fd, offset, SEEK_SET)) { return -1; } @@ -1340,6 +1381,10 @@ static Value* PerformBlockImageUpdate(const char* name, State* state, int /* arg params.canwrite = !dryrun; fprintf(stderr, "performing %s\n", dryrun ? "verification" : "update"); + if (state->is_retry) { + is_retry = true; + fprintf(stderr, "This update is a retry.\n"); + } Value* blockdev_filename = nullptr; Value* transfer_list_value = nullptr; diff --git a/updater/updater.cpp b/updater/updater.cpp index b5db71e2a..e956dd557 100644 --- a/updater/updater.cpp +++ b/updater/updater.cpp @@ -48,7 +48,7 @@ int main(int argc, char** argv) { setbuf(stdout, NULL); setbuf(stderr, NULL); - if (argc != 4) { + if (argc != 4 && argc != 5) { printf("unexpected number of arguments (%d)\n", argc); return 1; } @@ -142,6 +142,14 @@ int main(int argc, char** argv) { state.script = script; state.errmsg = NULL; + if (argc == 5) { + if (strcmp(argv[4], "retry") == 0) { + state.is_retry = true; + } else { + printf("unexpected argument: %s", argv[4]); + } + } + char* result = Evaluate(&state, root); if (have_eio_error) { -- cgit v1.2.3 From 31f8cc84cfc14eecdd96c6ca8eb411aa8610db22 Mon Sep 17 00:00:00 2001 From: Tianjie Xu Date: Wed, 15 Jun 2016 11:56:42 -0700 Subject: Check the results from applypatch Check the results from applypatch in PerformCommandDiff; and abort the update on failure. Bug:29339536 Change-Id: I5087d79ba532b54250f4c17560524255c8a4fabc --- updater/blockimg.cpp | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'updater') diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp index f7955566d..a80180a9a 100644 --- a/updater/blockimg.cpp +++ b/updater/blockimg.cpp @@ -1267,11 +1267,17 @@ static int PerformCommandDiff(CommandParameters& params) { } if (params.cmdname[0] == 'i') { // imgdiff - ApplyImagePatch(params.buffer.data(), blocks * BLOCKSIZE, &patch_value, - &RangeSinkWrite, &rss, nullptr, nullptr); + if (ApplyImagePatch(params.buffer.data(), blocks * BLOCKSIZE, &patch_value, + &RangeSinkWrite, &rss, nullptr, nullptr) != 0) { + fprintf(stderr, "Failed to apply image patch.\n"); + return -1; + } } else { - ApplyBSDiffPatch(params.buffer.data(), blocks * BLOCKSIZE, &patch_value, 0, - &RangeSinkWrite, &rss, nullptr); + if (ApplyBSDiffPatch(params.buffer.data(), blocks * BLOCKSIZE, &patch_value, + 0, &RangeSinkWrite, &rss, nullptr) != 0) { + fprintf(stderr, "Failed to apply bsdiff patch.\n"); + return -1; + } } // We expect the output of the patcher to fill the tgt ranges exactly. -- cgit v1.2.3