Control fault injection with config files instead of build flags
Bug: 27724259
Change-Id: I65bdefed10b3fb85fcb9e1147eaf0687d7d438f4
diff --git a/applypatch/applypatch.cpp b/applypatch/applypatch.cpp
index 9d8a217..7985fc0 100644
--- a/applypatch/applypatch.cpp
+++ b/applypatch/applypatch.cpp
@@ -34,8 +34,8 @@
#include "applypatch.h"
#include "mtdutils/mtdutils.h"
#include "edify/expr.h"
+#include "ota_io.h"
#include "print_sha1.h"
-#include "otafault/ota_io.h"
static int LoadPartitionContents(const char* filename, FileContents* file);
static ssize_t FileSink(const unsigned char* data, ssize_t len, void* token);
diff --git a/otafault/Android.mk b/otafault/Android.mk
index 75617a1..7468de6 100644
--- a/otafault/Android.mk
+++ b/otafault/Android.mk
@@ -1,10 +1,10 @@
-# Copyright 2015 The ANdroid Open Source Project
+# Copyright 2015 The Android Open Source Project
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
-# http://www.apache.org/licenses/LICENSE-2.0
+# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
@@ -14,45 +14,30 @@
LOCAL_PATH := $(call my-dir)
-empty :=
-space := $(empty) $(empty)
-comma := ,
-
-ifneq ($(TARGET_INJECT_FAULTS),)
-TARGET_INJECT_FAULTS := $(subst $(comma),$(space),$(strip $(TARGET_INJECT_FAULTS)))
-endif
-
include $(CLEAR_VARS)
-LOCAL_SRC_FILES := ota_io.cpp
+otafault_static_libs := \
+ libminzip \
+ libz \
+ libselinux \
+
+LOCAL_SRC_FILES := config.cpp ota_io.cpp
LOCAL_MODULE_TAGS := eng
LOCAL_MODULE := libotafault
LOCAL_CLANG := true
-
-ifneq ($(TARGET_INJECT_FAULTS),)
-$(foreach ft,$(TARGET_INJECT_FAULTS),\
- $(eval LOCAL_CFLAGS += -DTARGET_$(ft)_FAULT=$(TARGET_$(ft)_FAULT_FILE)))
-LOCAL_CFLAGS += -Wno-unused-parameter
-LOCAL_CFLAGS += -DTARGET_INJECT_FAULTS
-endif
-
-LOCAL_STATIC_LIBRARIES := libc
+LOCAL_C_INCLUDES := bootable/recovery
+LOCAL_EXPORT_C_INCLUDE_DIRS := $(LOCAL_PATH)
+LOCAL_WHOLE_STATIC_LIBRARIES := $(otafault_static_libs)
include $(BUILD_STATIC_LIBRARY)
include $(CLEAR_VARS)
-LOCAL_SRC_FILES := ota_io.cpp test.cpp
+LOCAL_SRC_FILES := config.cpp ota_io.cpp test.cpp
LOCAL_MODULE_TAGS := tests
LOCAL_MODULE := otafault_test
-LOCAL_STATIC_LIBRARIES := libc
+LOCAL_STATIC_LIBRARIES := $(otafault_static_libs)
+LOCAL_C_INCLUDES := bootable/recovery
LOCAL_FORCE_STATIC_EXECUTABLE := true
-LOCAL_CFLAGS += -Wno-unused-parameter -Wno-writable-strings
-
-ifneq ($(TARGET_INJECT_FAULTS),)
-$(foreach ft,$(TARGET_INJECT_FAULTS),\
- $(eval LOCAL_CFLAGS += -DTARGET_$(ft)_FAULT=$(TARGET_$(ft)_FAULT_FILE)))
-LOCAL_CFLAGS += -DTARGET_INJECT_FAULTS
-endif
include $(BUILD_EXECUTABLE)
diff --git a/otafault/config.cpp b/otafault/config.cpp
new file mode 100644
index 0000000..aa4b4d5
--- /dev/null
+++ b/otafault/config.cpp
@@ -0,0 +1,70 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <map>
+#include <string>
+
+#include <stdio.h>
+#include <unistd.h>
+
+#include "minzip/Zip.h"
+#include "config.h"
+#include "ota_io.h"
+
+#define OTAIO_MAX_FNAME_SIZE 128
+
+static ZipArchive* archive;
+static std::map<const char*, bool> should_inject_cache;
+
+static const char* get_type_path(const char* io_type) {
+ char* path = (char*)calloc(strlen(io_type) + strlen(OTAIO_BASE_DIR) + 2, sizeof(char));
+ sprintf(path, "%s/%s", OTAIO_BASE_DIR, io_type);
+ return path;
+}
+
+void ota_io_init(ZipArchive* za) {
+ archive = za;
+ ota_set_fault_files();
+}
+
+bool should_fault_inject(const char* io_type) {
+ // archive will be NULL if we used an entry point other
+ // than updater/updater.cpp:main
+ if (archive == NULL) {
+ return false;
+ }
+ if (should_inject_cache.find(io_type) != should_inject_cache.end()) {
+ return should_inject_cache[io_type];
+ }
+ const char* type_path = get_type_path(io_type);
+ const ZipEntry* entry = mzFindZipEntry(archive, type_path);
+ should_inject_cache[type_path] = entry != nullptr;
+ free((void*)type_path);
+ return entry != NULL;
+}
+
+bool should_hit_cache() {
+ return should_fault_inject(OTAIO_CACHE);
+}
+
+std::string fault_fname(const char* io_type) {
+ const char* type_path = get_type_path(io_type);
+ char* fname = (char*) calloc(OTAIO_MAX_FNAME_SIZE, sizeof(char));
+ const ZipEntry* entry = mzFindZipEntry(archive, type_path);
+ mzReadZipEntry(archive, entry, fname, OTAIO_MAX_FNAME_SIZE);
+ free((void*)type_path);
+ return std::string(fname);
+}
diff --git a/otafault/config.h b/otafault/config.h
new file mode 100644
index 0000000..4430be3
--- /dev/null
+++ b/otafault/config.h
@@ -0,0 +1,74 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * Read configuration files in the OTA package to determine which files, if any, will trigger errors.
+ *
+ * OTA packages can be modified to trigger errors by adding a top-level
+ * directory called .libotafault, which may optionally contain up to three
+ * files called READ, WRITE, and FSYNC. Each one of these optional files
+ * contains the name of a single file on the device disk which will cause
+ * an IO error on the first call of the appropriate I/O action to that file.
+ *
+ * Example:
+ * ota.zip
+ * <normal package contents>
+ * .libotafault
+ * WRITE
+ *
+ * If the contents of the file WRITE were /system/build.prop, the first write
+ * action to /system/build.prop would fail with EIO. Note that READ and
+ * FSYNC files are absent, so these actions will not cause an error.
+ */
+
+#ifndef _UPDATER_OTA_IO_CFG_H_
+#define _UPDATER_OTA_IO_CFG_H_
+
+#include <string>
+
+#include <stdbool.h>
+
+#include "minzip/Zip.h"
+
+#define OTAIO_BASE_DIR ".libotafault"
+#define OTAIO_READ "READ"
+#define OTAIO_WRITE "WRITE"
+#define OTAIO_FSYNC "FSYNC"
+#define OTAIO_CACHE "CACHE"
+
+/*
+ * Initialize libotafault by providing a reference to the OTA package.
+ */
+void ota_io_init(ZipArchive* za);
+
+/*
+ * Return true if a config file is present for the given IO type.
+ */
+bool should_fault_inject(const char* io_type);
+
+/*
+ * Return true if an EIO should occur on the next hit to /cache/saved.file
+ * instead of the next hit to the specified file.
+ */
+bool should_hit_cache();
+
+/*
+ * Return the name of the file that should cause an error for the
+ * given IO type.
+ */
+std::string fault_fname(const char* io_type);
+
+#endif
diff --git a/otafault/ota_io.cpp b/otafault/ota_io.cpp
index 9434ebe..0445853 100644
--- a/otafault/ota_io.cpp
+++ b/otafault/ota_io.cpp
@@ -14,9 +14,7 @@
* limitations under the License.
*/
-#if defined (TARGET_INJECT_FAULTS)
#include <map>
-#endif
#include <errno.h>
#include <fcntl.h>
@@ -24,185 +22,155 @@
#include <sys/stat.h>
#include <unistd.h>
+#include "config.h"
#include "ota_io.h"
-#if defined (TARGET_INJECT_FAULTS)
-static std::map<int, const char*> FilenameCache;
-static std::string FaultFileName =
-#if defined (TARGET_READ_FAULT)
- TARGET_READ_FAULT;
-#elif defined (TARGET_WRITE_FAULT)
- TARGET_WRITE_FAULT;
-#elif defined (TARGET_FSYNC_FAULT)
- TARGET_FSYNC_FAULT;
-#endif // defined (TARGET_READ_FAULT)
-#endif // defined (TARGET_INJECT_FAULTS)
+static std::map<intptr_t, const char*> filename_cache;
+static std::string read_fault_file_name = "";
+static std::string write_fault_file_name = "";
+static std::string fsync_fault_file_name = "";
+
+static bool get_hit_file(const char* cached_path, std::string ffn) {
+ return should_hit_cache()
+ ? !strncmp(cached_path, OTAIO_CACHE_FNAME, strlen(cached_path))
+ : !strncmp(cached_path, ffn.c_str(), strlen(cached_path));
+}
+
+void ota_set_fault_files() {
+ if (should_fault_inject(OTAIO_READ)) {
+ read_fault_file_name = fault_fname(OTAIO_READ);
+ }
+ if (should_fault_inject(OTAIO_WRITE)) {
+ write_fault_file_name = fault_fname(OTAIO_WRITE);
+ }
+ if (should_fault_inject(OTAIO_FSYNC)) {
+ fsync_fault_file_name = fault_fname(OTAIO_FSYNC);
+ }
+}
bool have_eio_error = false;
int ota_open(const char* path, int oflags) {
-#if defined (TARGET_INJECT_FAULTS)
// Let the caller handle errors; we do not care if open succeeds or fails
int fd = open(path, oflags);
- FilenameCache[fd] = path;
+ filename_cache[fd] = path;
return fd;
-#else
- return open(path, oflags);
-#endif
}
int ota_open(const char* path, int oflags, mode_t mode) {
-#if defined (TARGET_INJECT_FAULTS)
int fd = open(path, oflags, mode);
- FilenameCache[fd] = path;
- return fd;
-#else
- return open(path, oflags, mode);
-#endif
-}
+ filename_cache[fd] = path;
+ return fd; }
FILE* ota_fopen(const char* path, const char* mode) {
-#if defined (TARGET_INJECT_FAULTS)
FILE* fh = fopen(path, mode);
- FilenameCache[(intptr_t)fh] = path;
+ filename_cache[(intptr_t)fh] = path;
return fh;
-#else
- return fopen(path, mode);
-#endif
}
int ota_close(int fd) {
-#if defined (TARGET_INJECT_FAULTS)
- // descriptors can be reused, so make sure not to leave them in the cahce
- FilenameCache.erase(fd);
-#endif
+ // descriptors can be reused, so make sure not to leave them in the cache
+ filename_cache.erase(fd);
return close(fd);
}
int ota_fclose(FILE* fh) {
-#if defined (TARGET_INJECT_FAULTS)
- FilenameCache.erase((intptr_t)fh);
-#endif
+ filename_cache.erase((intptr_t)fh);
return fclose(fh);
}
size_t ota_fread(void* ptr, size_t size, size_t nitems, FILE* stream) {
-#if defined (TARGET_READ_FAULT)
- if (FilenameCache.find((intptr_t)stream) != FilenameCache.end()
- && FilenameCache[(intptr_t)stream] == FaultFileName) {
- FaultFileName = "";
- errno = EIO;
- have_eio_error = true;
- return 0;
- } else {
- size_t status = fread(ptr, size, nitems, stream);
- // If I/O error occurs, set the retry-update flag.
- if (status != nitems && errno == EIO) {
+ if (should_fault_inject(OTAIO_READ)) {
+ auto cached = filename_cache.find((intptr_t)stream);
+ const char* cached_path = cached->second;
+ if (cached != filename_cache.end() &&
+ get_hit_file(cached_path, read_fault_file_name)) {
+ read_fault_file_name = "";
+ errno = EIO;
have_eio_error = true;
+ return 0;
}
- return status;
}
-#else
size_t status = fread(ptr, size, nitems, stream);
if (status != nitems && errno == EIO) {
have_eio_error = true;
}
return status;
-#endif
}
ssize_t ota_read(int fd, void* buf, size_t nbyte) {
-#if defined (TARGET_READ_FAULT)
- if (FilenameCache.find(fd) != FilenameCache.end()
- && FilenameCache[fd] == FaultFileName) {
- FaultFileName = "";
- errno = EIO;
- have_eio_error = true;
- return -1;
- } else {
- ssize_t status = read(fd, buf, nbyte);
- if (status == -1 && errno == EIO) {
+ if (should_fault_inject(OTAIO_READ)) {
+ auto cached = filename_cache.find(fd);
+ const char* cached_path = cached->second;
+ if (cached != filename_cache.end()
+ && get_hit_file(cached_path, read_fault_file_name)) {
+ read_fault_file_name = "";
+ errno = EIO;
have_eio_error = true;
+ return -1;
}
- return status;
}
-#else
ssize_t status = read(fd, buf, nbyte);
if (status == -1 && errno == EIO) {
have_eio_error = true;
}
return status;
-#endif
}
size_t ota_fwrite(const void* ptr, size_t size, size_t count, FILE* stream) {
-#if defined (TARGET_WRITE_FAULT)
- if (FilenameCache.find((intptr_t)stream) != FilenameCache.end()
- && FilenameCache[(intptr_t)stream] == FaultFileName) {
- FaultFileName = "";
- errno = EIO;
- have_eio_error = true;
- return 0;
- } else {
- size_t status = fwrite(ptr, size, count, stream);
- if (status != count && errno == EIO) {
+ if (should_fault_inject(OTAIO_WRITE)) {
+ auto cached = filename_cache.find((intptr_t)stream);
+ const char* cached_path = cached->second;
+ if (cached != filename_cache.end() &&
+ get_hit_file(cached_path, write_fault_file_name)) {
+ write_fault_file_name = "";
+ errno = EIO;
have_eio_error = true;
+ return 0;
}
- return status;
}
-#else
size_t status = fwrite(ptr, size, count, stream);
if (status != count && errno == EIO) {
have_eio_error = true;
}
return status;
-#endif
}
ssize_t ota_write(int fd, const void* buf, size_t nbyte) {
-#if defined (TARGET_WRITE_FAULT)
- if (FilenameCache.find(fd) != FilenameCache.end()
- && FilenameCache[fd] == FaultFileName) {
- FaultFileName = "";
- errno = EIO;
- have_eio_error = true;
- return -1;
- } else {
- ssize_t status = write(fd, buf, nbyte);
- if (status == -1 && errno == EIO) {
+ if (should_fault_inject(OTAIO_WRITE)) {
+ auto cached = filename_cache.find(fd);
+ const char* cached_path = cached->second;
+ if (cached != filename_cache.end() &&
+ get_hit_file(cached_path, write_fault_file_name)) {
+ write_fault_file_name = "";
+ errno = EIO;
have_eio_error = true;
+ return -1;
}
- return status;
}
-#else
ssize_t status = write(fd, buf, nbyte);
if (status == -1 && errno == EIO) {
have_eio_error = true;
}
return status;
-#endif
}
int ota_fsync(int fd) {
-#if defined (TARGET_FSYNC_FAULT)
- if (FilenameCache.find(fd) != FilenameCache.end()
- && FilenameCache[fd] == FaultFileName) {
- FaultFileName = "";
- errno = EIO;
- have_eio_error = true;
- return -1;
- } else {
- int status = fsync(fd);
- if (status == -1 && errno == EIO) {
+ if (should_fault_inject(OTAIO_FSYNC)) {
+ auto cached = filename_cache.find(fd);
+ const char* cached_path = cached->second;
+ if (cached != filename_cache.end() &&
+ get_hit_file(cached_path, fsync_fault_file_name)) {
+ fsync_fault_file_name = "";
+ errno = EIO;
have_eio_error = true;
+ return -1;
}
- return status;
}
-#else
int status = fsync(fd);
if (status == -1 && errno == EIO) {
have_eio_error = true;
}
return status;
-#endif
}
+
diff --git a/otafault/ota_io.h b/otafault/ota_io.h
index 641a5ae..84187a7 100644
--- a/otafault/ota_io.h
+++ b/otafault/ota_io.h
@@ -26,6 +26,10 @@
#include <stdio.h>
#include <sys/stat.h>
+#define OTAIO_CACHE_FNAME "/cache/saved.file"
+
+void ota_set_fault_files();
+
int ota_open(const char* path, int oflags);
int ota_open(const char* path, int oflags, mode_t mode);
diff --git a/otafault/test.cpp b/otafault/test.cpp
index a0f7315..6514782 100644
--- a/otafault/test.cpp
+++ b/otafault/test.cpp
@@ -17,16 +17,18 @@
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
+#include <unistd.h>
#include "ota_io.h"
-int main(int argc, char **argv) {
+int main(int /* argc */, char** /* argv */) {
int fd = open("testdata/test.file", O_RDWR);
char buf[8];
- char *out = "321";
+ const char* out = "321";
int readv = ota_read(fd, buf, 4);
printf("Read returned %d\n", readv);
int writev = ota_write(fd, out, 4);
printf("Write returned %d\n", writev);
+ close(fd);
return 0;
}
diff --git a/updater/blockimg.cpp b/updater/blockimg.cpp
index e9c8ddb..faa7008 100644
--- a/updater/blockimg.cpp
+++ b/updater/blockimg.cpp
@@ -45,7 +45,7 @@
#include "install.h"
#include "openssl/sha.h"
#include "minzip/Hash.h"
-#include "otafault/ota_io.h"
+#include "ota_io.h"
#include "print_sha1.h"
#include "unique_fd.h"
#include "updater.h"
diff --git a/updater/install.cpp b/updater/install.cpp
index b7d9e85..6ae1e5f 100644
--- a/updater/install.cpp
+++ b/updater/install.cpp
@@ -51,7 +51,7 @@
#include "minzip/DirUtil.h"
#include "mtdutils/mounts.h"
#include "mtdutils/mtdutils.h"
-#include "otafault/ota_io.h"
+#include "ota_io.h"
#include "updater.h"
#include "install.h"
#include "tune2fs.h"
diff --git a/updater/updater.cpp b/updater/updater.cpp
index ddc01e1..1693fa1 100644
--- a/updater/updater.cpp
+++ b/updater/updater.cpp
@@ -25,6 +25,7 @@
#include "blockimg.h"
#include "minzip/Zip.h"
#include "minzip/SysUtil.h"
+#include "config.h"
// Generated by the makefile, this function defines the
// RegisterDeviceExtensions() function, which calls all the
@@ -84,6 +85,7 @@
argv[3], strerror(err));
return 3;
}
+ ota_io_init(&za);
const ZipEntry* script_entry = mzFindZipEntry(&za, SCRIPT_NAME);
if (script_entry == NULL) {