update_verifier: Support verifying product partition.
am: 454d8cb805
Change-Id: If2bed415b3e0683355656956c7d64633402faafa
diff --git a/Android.bp b/Android.bp
deleted file mode 100644
index f8c6a4b..0000000
--- a/Android.bp
+++ /dev/null
@@ -1,8 +0,0 @@
-subdirs = [
- "applypatch",
- "bootloader_message",
- "edify",
- "otafault",
- "otautil",
- "uncrypt",
-]
diff --git a/Android.mk b/Android.mk
index 461ad94..56d69c0 100644
--- a/Android.mk
+++ b/Android.mk
@@ -18,18 +18,6 @@
RECOVERY_API_VERSION := 3
RECOVERY_FSTAB_VERSION := 2
-# libfusesideload (static library)
-# ===============================
-include $(CLEAR_VARS)
-LOCAL_SRC_FILES := fuse_sideload.cpp
-LOCAL_CFLAGS := -Wall -Werror
-LOCAL_CFLAGS += -D_XOPEN_SOURCE -D_GNU_SOURCE
-LOCAL_MODULE := libfusesideload
-LOCAL_STATIC_LIBRARIES := \
- libcrypto \
- libbase
-include $(BUILD_STATIC_LIBRARY)
-
# libmounts (static library)
# ===============================
include $(CLEAR_VARS)
@@ -272,7 +260,6 @@
include \
$(LOCAL_PATH)/boot_control/Android.mk \
- $(LOCAL_PATH)/minadbd/Android.mk \
$(LOCAL_PATH)/minui/Android.mk \
$(LOCAL_PATH)/tests/Android.mk \
$(LOCAL_PATH)/tools/Android.mk \
diff --git a/fuse_sideload/Android.bp b/fuse_sideload/Android.bp
new file mode 100644
index 0000000..76bc16d
--- /dev/null
+++ b/fuse_sideload/Android.bp
@@ -0,0 +1,37 @@
+// Copyright (C) 2018 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+cc_library_static {
+ name: "libfusesideload",
+
+ cflags: [
+ "-D_XOPEN_SOURCE",
+ "-D_GNU_SOURCE",
+ "-Wall",
+ "-Werror",
+ ],
+
+ srcs: [
+ "fuse_sideload.cpp",
+ ],
+
+ export_include_dirs: [
+ "include",
+ ],
+
+ static_libs: [
+ "libbase",
+ "libcrypto",
+ ],
+}
diff --git a/fuse_sideload.cpp b/fuse_sideload/fuse_sideload.cpp
similarity index 100%
rename from fuse_sideload.cpp
rename to fuse_sideload/fuse_sideload.cpp
diff --git a/fuse_sideload.h b/fuse_sideload/include/fuse_sideload.h
similarity index 100%
rename from fuse_sideload.h
rename to fuse_sideload/include/fuse_sideload.h
diff --git a/minadbd/Android.bp b/minadbd/Android.bp
new file mode 100644
index 0000000..432b2f0
--- /dev/null
+++ b/minadbd/Android.bp
@@ -0,0 +1,78 @@
+// Copyright (C) 2018 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+cc_defaults {
+ name: "minadbd_defaults",
+
+ cflags: [
+ "-DADB_HOST=0",
+ "-Wall",
+ "-Werror",
+ ],
+
+ include_dirs: [
+ "system/core/adb",
+ ],
+}
+
+cc_library_static {
+ name: "libminadbd",
+
+ defaults: [
+ "minadbd_defaults",
+ ],
+
+ srcs: [
+ "fuse_adb_provider.cpp",
+ "minadbd.cpp",
+ "minadbd_services.cpp",
+ ],
+
+ static_libs: [
+ "libfusesideload",
+ "libbase",
+ "libcrypto",
+ ],
+
+ whole_static_libs: [
+ "libadbd",
+ ],
+}
+
+cc_test {
+ name: "minadbd_test",
+
+ defaults: [
+ "minadbd_defaults",
+ ],
+
+ srcs: [
+ "fuse_adb_provider_test.cpp",
+ ],
+
+ static_libs: [
+ "libBionicGtestMain",
+ "libminadbd",
+ ],
+
+ shared_libs: [
+ "libbase",
+ "libcutils",
+ "liblog",
+ ],
+
+ test_suites: [
+ "device-tests",
+ ],
+}
diff --git a/minadbd/Android.mk b/minadbd/Android.mk
deleted file mode 100644
index 50e3b34..0000000
--- a/minadbd/Android.mk
+++ /dev/null
@@ -1,55 +0,0 @@
-# Copyright 2005 The Android Open Source Project
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-LOCAL_PATH:= $(call my-dir)
-
-minadbd_cflags := \
- -Wall -Werror \
- -DADB_HOST=0 \
-
-# libminadbd (static library)
-# ===============================
-include $(CLEAR_VARS)
-
-LOCAL_SRC_FILES := \
- fuse_adb_provider.cpp \
- minadbd.cpp \
- minadbd_services.cpp \
-
-LOCAL_MODULE := libminadbd
-LOCAL_CFLAGS := $(minadbd_cflags)
-LOCAL_C_INCLUDES := bootable/recovery system/core/adb
-LOCAL_WHOLE_STATIC_LIBRARIES := libadbd
-LOCAL_STATIC_LIBRARIES := libcrypto libbase
-
-include $(BUILD_STATIC_LIBRARY)
-
-# minadbd_test (native test)
-# ===============================
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := minadbd_test
-LOCAL_COMPATIBILITY_SUITE := device-tests
-LOCAL_SRC_FILES := fuse_adb_provider_test.cpp
-LOCAL_CFLAGS := $(minadbd_cflags)
-LOCAL_C_INCLUDES := $(LOCAL_PATH) system/core/adb
-LOCAL_STATIC_LIBRARIES := \
- libBionicGtestMain \
- libminadbd
-LOCAL_SHARED_LIBRARIES := \
- liblog \
- libbase \
- libcutils
-
-include $(BUILD_NATIVE_TEST)
diff --git a/tests/component/applypatch_test.cpp b/tests/component/applypatch_test.cpp
index 61e06ad..9160285 100644
--- a/tests/component/applypatch_test.cpp
+++ b/tests/component/applypatch_test.cpp
@@ -205,67 +205,96 @@
sha1sum(boot_img, &boot_img_sha1, &boot_img_size);
std::string recovery_img = from_testdata_base("recovery.img");
- size_t size;
+ size_t recovery_img_size;
std::string recovery_img_sha1;
- sha1sum(recovery_img, &recovery_img_sha1, &size);
- std::string recovery_img_size = std::to_string(size);
+ sha1sum(recovery_img, &recovery_img_sha1, &recovery_img_size);
+ std::string recovery_img_size_arg = std::to_string(recovery_img_size);
std::string bonus_file = from_testdata_base("bonus.file");
// applypatch -b <bonus-file> <src-file> <tgt-file> <tgt-sha1> <tgt-size> <src-sha1>:<patch>
- TemporaryFile tmp1;
- std::string src_file =
+ std::string src_file_arg =
"EMMC:" + boot_img + ":" + std::to_string(boot_img_size) + ":" + boot_img_sha1;
- std::string tgt_file = "EMMC:" + std::string(tmp1.path);
- std::string patch = boot_img_sha1 + ":" + from_testdata_base("recovery-from-boot.p");
- std::vector<const char*> args = {
- "applypatch",
- "-b",
- bonus_file.c_str(),
- src_file.c_str(),
- tgt_file.c_str(),
- recovery_img_sha1.c_str(),
- recovery_img_size.c_str(),
- patch.c_str()
- };
+ TemporaryFile tgt_file;
+ std::string tgt_file_arg = "EMMC:"s + tgt_file.path;
+ std::string patch_arg = boot_img_sha1 + ":" + from_testdata_base("recovery-from-boot.p");
+ std::vector<const char*> args = { "applypatch",
+ "-b",
+ bonus_file.c_str(),
+ src_file_arg.c_str(),
+ tgt_file_arg.c_str(),
+ recovery_img_sha1.c_str(),
+ recovery_img_size_arg.c_str(),
+ patch_arg.c_str() };
ASSERT_EQ(0, applypatch_modes(args.size(), args.data()));
+}
+
+// Tests patching the EMMC target without a separate bonus file (i.e. recovery-from-boot patch has
+// everything).
+TEST_F(ApplyPatchModesTest, PatchModeEmmcTargetWithoutBonusFile) {
+ std::string boot_img = from_testdata_base("boot.img");
+ size_t boot_img_size;
+ std::string boot_img_sha1;
+ sha1sum(boot_img, &boot_img_sha1, &boot_img_size);
+
+ std::string recovery_img = from_testdata_base("recovery.img");
+ size_t recovery_img_size;
+ std::string recovery_img_sha1;
+ sha1sum(recovery_img, &recovery_img_sha1, &recovery_img_size);
+ std::string recovery_img_size_arg = std::to_string(recovery_img_size);
// applypatch <src-file> <tgt-file> <tgt-sha1> <tgt-size> <src-sha1>:<patch>
- TemporaryFile tmp2;
- patch = boot_img_sha1 + ":" + from_testdata_base("recovery-from-boot-with-bonus.p");
- tgt_file = "EMMC:" + std::string(tmp2.path);
- std::vector<const char*> args2 = {
- "applypatch",
- src_file.c_str(),
- tgt_file.c_str(),
- recovery_img_sha1.c_str(),
- recovery_img_size.c_str(),
- patch.c_str()
- };
- ASSERT_EQ(0, applypatch_modes(args2.size(), args2.data()));
+ std::string src_file_arg =
+ "EMMC:" + boot_img + ":" + std::to_string(boot_img_size) + ":" + boot_img_sha1;
+ TemporaryFile tgt_file;
+ std::string tgt_file_arg = "EMMC:"s + tgt_file.path;
+ std::string patch_arg =
+ boot_img_sha1 + ":" + from_testdata_base("recovery-from-boot-with-bonus.p");
+ std::vector<const char*> args = { "applypatch",
+ src_file_arg.c_str(),
+ tgt_file_arg.c_str(),
+ recovery_img_sha1.c_str(),
+ recovery_img_size_arg.c_str(),
+ patch_arg.c_str() };
+ ASSERT_EQ(0, applypatch_modes(args.size(), args.data()));
+}
+
+TEST_F(ApplyPatchModesTest, PatchModeEmmcTargetWithMultiplePatches) {
+ std::string boot_img = from_testdata_base("boot.img");
+ size_t boot_img_size;
+ std::string boot_img_sha1;
+ sha1sum(boot_img, &boot_img_sha1, &boot_img_size);
+
+ std::string recovery_img = from_testdata_base("recovery.img");
+ size_t recovery_img_size;
+ std::string recovery_img_sha1;
+ sha1sum(recovery_img, &recovery_img_sha1, &recovery_img_size);
+ std::string recovery_img_size_arg = std::to_string(recovery_img_size);
+
+ std::string bonus_file = from_testdata_base("bonus.file");
// applypatch -b <bonus-file> <src-file> <tgt-file> <tgt-sha1> <tgt-size> \
- // <src-sha1-fake>:<patch1> <src-sha1>:<patch2>
- TemporaryFile tmp3;
- tgt_file = "EMMC:" + std::string(tmp3.path);
+ // <src-sha1-fake1>:<patch1> <src-sha1>:<patch2> <src-sha1-fake2>:<patch3>
+ std::string src_file_arg =
+ "EMMC:" + boot_img + ":" + std::to_string(boot_img_size) + ":" + boot_img_sha1;
+ TemporaryFile tgt_file;
+ std::string tgt_file_arg = "EMMC:"s + tgt_file.path;
std::string bad_sha1_a = android::base::StringPrintf("%040x", rand());
std::string bad_sha1_b = android::base::StringPrintf("%040x", rand());
std::string patch1 = bad_sha1_a + ":" + from_testdata_base("recovery-from-boot.p");
std::string patch2 = boot_img_sha1 + ":" + from_testdata_base("recovery-from-boot.p");
std::string patch3 = bad_sha1_b + ":" + from_testdata_base("recovery-from-boot.p");
- std::vector<const char*> args3 = {
- "applypatch",
- "-b",
- bonus_file.c_str(),
- src_file.c_str(),
- tgt_file.c_str(),
- recovery_img_sha1.c_str(),
- recovery_img_size.c_str(),
- patch1.c_str(),
- patch2.c_str(),
- patch3.c_str()
- };
- ASSERT_EQ(0, applypatch_modes(args3.size(), args3.data()));
+ std::vector<const char*> args = { "applypatch",
+ "-b",
+ bonus_file.c_str(),
+ src_file_arg.c_str(),
+ tgt_file_arg.c_str(),
+ recovery_img_sha1.c_str(),
+ recovery_img_size_arg.c_str(),
+ patch1.c_str(),
+ patch2.c_str(),
+ patch3.c_str() };
+ ASSERT_EQ(0, applypatch_modes(args.size(), args.data()));
}
// Ensures that applypatch works with a bsdiff based recovery-from-boot.p.
diff --git a/uncrypt/uncrypt.cpp b/uncrypt/uncrypt.cpp
index 645faad..16036f9 100644
--- a/uncrypt/uncrypt.cpp
+++ b/uncrypt/uncrypt.cpp
@@ -172,10 +172,15 @@
return fstab;
}
-static const char* find_block_device(const char* path, bool* encryptable, bool* encrypted) {
+static const char* find_block_device(const char* path, bool* encryptable,
+ bool* encrypted, bool* f2fs_fs) {
// Look for a volume whose mount point is the prefix of path and
// return its block device. Set encrypted if it's currently
// encrypted.
+
+ // ensure f2fs_fs is set to false first.
+ *f2fs_fs = false;
+
for (int i = 0; i < fstab->num_entries; ++i) {
struct fstab_rec* v = &fstab->recs[i];
if (!v->mount_point) {
@@ -192,6 +197,9 @@
*encrypted = true;
}
}
+ if (strcmp(v->fs_type, "f2fs") == 0) {
+ *f2fs_fs = true;
+ }
return v->blk_device;
}
}
@@ -244,7 +252,7 @@
}
static int produce_block_map(const char* path, const char* map_file, const char* blk_dev,
- bool encrypted, int socket) {
+ bool encrypted, bool f2fs_fs, int socket) {
std::string err;
if (!android::base::RemoveFileIfExists(map_file, &err)) {
LOG(ERROR) << "failed to remove the existing map file " << map_file << ": " << err;
@@ -307,6 +315,31 @@
}
}
+// F2FS-specific ioctl
+// It requires the below kernel commit merged in v4.16-rc1.
+// 1ad71a27124c ("f2fs: add an ioctl to disable GC for specific file")
+// In android-4.4,
+// 56ee1e817908 ("f2fs: updates on v4.16-rc1")
+// In android-4.9,
+// 2f17e34672a8 ("f2fs: updates on v4.16-rc1")
+// In android-4.14,
+// ce767d9a55bc ("f2fs: updates on v4.16-rc1")
+#ifndef F2FS_IOC_SET_PIN_FILE
+#ifndef F2FS_IOCTL_MAGIC
+#define F2FS_IOCTL_MAGIC 0xf5
+#endif
+#define F2FS_IOC_SET_PIN_FILE _IOW(F2FS_IOCTL_MAGIC, 13, __u32)
+#define F2FS_IOC_GET_PIN_FILE _IOW(F2FS_IOCTL_MAGIC, 14, __u32)
+#endif
+ if (f2fs_fs) {
+ int error = ioctl(fd, F2FS_IOC_SET_PIN_FILE);
+ // Don't break the old kernels which don't support it.
+ if (error && errno != ENOTTY && errno != ENOTSUP) {
+ PLOG(ERROR) << "Failed to set pin_file for f2fs: " << path << " on " << blk_dev;
+ return kUncryptIoctlError;
+ }
+ }
+
off64_t pos = 0;
int last_progress = 0;
while (pos < sb.st_size) {
@@ -458,7 +491,8 @@
bool encryptable;
bool encrypted;
- const char* blk_dev = find_block_device(path, &encryptable, &encrypted);
+ bool f2fs_fs;
+ const char* blk_dev = find_block_device(path, &encryptable, &encrypted, &f2fs_fs);
if (blk_dev == nullptr) {
LOG(ERROR) << "failed to find block device for " << path;
return kUncryptBlockDeviceFindError;
@@ -479,7 +513,7 @@
// and /sdcard we leave the file alone.
if (strncmp(path, "/data/", 6) == 0) {
LOG(INFO) << "writing block map " << map_file;
- return produce_block_map(path, map_file, blk_dev, encrypted, socket);
+ return produce_block_map(path, map_file, blk_dev, encrypted, f2fs_fs, socket);
}
return 0;