bigbiff | 1f9e484 | 2020-10-31 11:33:15 -0400 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2007 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | #include "twinstall/install.h" |
| 18 | |
| 19 | #include <ctype.h> |
| 20 | #include <errno.h> |
| 21 | #include <fcntl.h> |
| 22 | #include <inttypes.h> |
| 23 | #include <limits.h> |
| 24 | #include <string.h> |
| 25 | #include <sys/stat.h> |
| 26 | #include <sys/wait.h> |
| 27 | #include <unistd.h> |
| 28 | |
| 29 | #include <algorithm> |
| 30 | #include <atomic> |
| 31 | #include <chrono> |
| 32 | #include <condition_variable> |
| 33 | #include <functional> |
| 34 | #include <limits> |
| 35 | #include <mutex> |
| 36 | #include <thread> |
| 37 | #include <vector> |
| 38 | |
| 39 | #include <android-base/file.h> |
| 40 | #include <android-base/logging.h> |
| 41 | #include <android-base/parsedouble.h> |
| 42 | #include <android-base/parseint.h> |
| 43 | #include <android-base/properties.h> |
| 44 | #include <android-base/stringprintf.h> |
| 45 | #include <android-base/strings.h> |
| 46 | #include <android-base/unique_fd.h> |
bigbiff | 1f9e484 | 2020-10-31 11:33:15 -0400 | [diff] [blame] | 47 | |
| 48 | #include "twinstall/package.h" |
| 49 | #include "twinstall/verifier.h" |
| 50 | #include "twinstall/wipe_data.h" |
| 51 | #include "otautil/error_code.h" |
| 52 | #include "otautil/paths.h" |
bigbiff | 673c7ae | 2020-12-02 19:44:56 -0500 | [diff] [blame] | 53 | #include "recovery_utils/roots.h" |
bigbiff | 1f9e484 | 2020-10-31 11:33:15 -0400 | [diff] [blame] | 54 | #include "otautil/sysutil.h" |
bigbiff | 673c7ae | 2020-12-02 19:44:56 -0500 | [diff] [blame] | 55 | #include "recovery_utils/thermalutil.h" |
bigbiff | 1f9e484 | 2020-10-31 11:33:15 -0400 | [diff] [blame] | 56 | #include "private/setup_commands.h" |
| 57 | |
| 58 | using namespace std::chrono_literals; |
| 59 | |
| 60 | static constexpr int kRecoveryApiVersion = 3; |
| 61 | // Assert the version defined in code and in Android.mk are consistent. |
| 62 | static_assert(kRecoveryApiVersion == RECOVERY_API_VERSION, "Mismatching recovery API versions."); |
| 63 | |
| 64 | // Default allocation of progress bar segments to operations |
| 65 | // static constexpr int VERIFICATION_PROGRESS_TIME = 60; |
| 66 | // static constexpr float VERIFICATION_PROGRESS_FRACTION = 0.25; |
| 67 | |
| 68 | static std::condition_variable finish_log_temperature; |
| 69 | |
| 70 | bool ReadMetadataFromPackage(ZipArchiveHandle zip, std::map<std::string, std::string>* metadata) { |
| 71 | CHECK(metadata != nullptr); |
| 72 | |
| 73 | static constexpr const char* METADATA_PATH = "META-INF/com/android/metadata"; |
bigbiff | 673c7ae | 2020-12-02 19:44:56 -0500 | [diff] [blame] | 74 | std::string path(METADATA_PATH); |
GarfieldHan | d216188 | 2021-11-29 00:04:53 +0800 | [diff] [blame] | 75 | ZipEntry64 entry; |
bigbiff | 1f9e484 | 2020-10-31 11:33:15 -0400 | [diff] [blame] | 76 | if (FindEntry(zip, path, &entry) != 0) { |
| 77 | LOG(ERROR) << "Failed to find " << METADATA_PATH; |
| 78 | return false; |
| 79 | } |
| 80 | |
| 81 | uint32_t length = entry.uncompressed_length; |
| 82 | std::string metadata_string(length, '\0'); |
| 83 | int32_t err = |
| 84 | ExtractToMemory(zip, &entry, reinterpret_cast<uint8_t*>(&metadata_string[0]), length); |
| 85 | if (err != 0) { |
| 86 | LOG(ERROR) << "Failed to extract " << METADATA_PATH << ": " << ErrorCodeString(err); |
| 87 | return false; |
| 88 | } |
| 89 | |
| 90 | for (const std::string& line : android::base::Split(metadata_string, "\n")) { |
| 91 | size_t eq = line.find('='); |
| 92 | if (eq != std::string::npos) { |
| 93 | metadata->emplace(android::base::Trim(line.substr(0, eq)), |
| 94 | android::base::Trim(line.substr(eq + 1))); |
| 95 | } |
| 96 | } |
| 97 | |
| 98 | return true; |
| 99 | } |
| 100 | |
| 101 | // Gets the value for the given key in |metadata|. Returns an emtpy string if the key isn't |
| 102 | // present. |
| 103 | static std::string get_value(const std::map<std::string, std::string>& metadata, |
| 104 | const std::string& key) { |
| 105 | const auto& it = metadata.find(key); |
| 106 | return (it == metadata.end()) ? "" : it->second; |
| 107 | } |
| 108 | |
| 109 | static std::string OtaTypeToString(OtaType type) { |
| 110 | switch (type) { |
| 111 | case OtaType::AB: |
| 112 | return "AB"; |
| 113 | case OtaType::BLOCK: |
| 114 | return "BLOCK"; |
| 115 | case OtaType::BRICK: |
| 116 | return "BRICK"; |
| 117 | } |
| 118 | } |
| 119 | |
| 120 | // Read the build.version.incremental of src/tgt from the metadata and log it to last_install. |
| 121 | static void ReadSourceTargetBuild(const std::map<std::string, std::string>& metadata, |
| 122 | std::vector<std::string>* log_buffer) { |
| 123 | // Examples of the pre-build and post-build strings in metadata: |
| 124 | // pre-build-incremental=2943039 |
| 125 | // post-build-incremental=2951741 |
| 126 | auto source_build = get_value(metadata, "pre-build-incremental"); |
| 127 | if (!source_build.empty()) { |
| 128 | log_buffer->push_back("source_build: " + source_build); |
| 129 | } |
| 130 | |
| 131 | auto target_build = get_value(metadata, "post-build-incremental"); |
| 132 | if (!target_build.empty()) { |
| 133 | log_buffer->push_back("target_build: " + target_build); |
| 134 | } |
| 135 | } |
| 136 | |
| 137 | // Checks the build version, fingerprint and timestamp in the metadata of the A/B package. |
| 138 | // Downgrading is not allowed unless explicitly enabled in the package and only for |
| 139 | // incremental packages. |
| 140 | static int CheckAbSpecificMetadata(const std::map<std::string, std::string>& metadata) { |
| 141 | // Incremental updates should match the current build. |
| 142 | auto device_pre_build = android::base::GetProperty("ro.build.version.incremental", ""); |
| 143 | auto pkg_pre_build = get_value(metadata, "pre-build-incremental"); |
| 144 | if (!pkg_pre_build.empty() && pkg_pre_build != device_pre_build) { |
| 145 | LOG(ERROR) << "Package is for source build " << pkg_pre_build << " but expected " |
| 146 | << device_pre_build; |
| 147 | return INSTALL_ERROR; |
| 148 | } |
| 149 | |
| 150 | auto device_fingerprint = android::base::GetProperty("ro.build.fingerprint", ""); |
| 151 | auto pkg_pre_build_fingerprint = get_value(metadata, "pre-build"); |
| 152 | if (!pkg_pre_build_fingerprint.empty() && pkg_pre_build_fingerprint != device_fingerprint) { |
| 153 | LOG(ERROR) << "Package is for source build " << pkg_pre_build_fingerprint << " but expected " |
| 154 | << device_fingerprint; |
| 155 | return INSTALL_ERROR; |
| 156 | } |
| 157 | |
| 158 | // Check for downgrade version. |
| 159 | // int64_t build_timestamp = |
| 160 | // android::base::GetIntProperty("ro.build.date.utc", std::numeric_limits<int64_t>::max()); |
| 161 | // int64_t pkg_post_timestamp = 0; |
| 162 | // We allow to full update to the same version we are running, in case there |
| 163 | // is a problem with the current copy of that version. |
| 164 | auto pkg_post_timestamp_string = get_value(metadata, "post-timestamp"); |
| 165 | // if (pkg_post_timestamp_string.empty() || |
| 166 | // !android::base::ParseInt(pkg_post_timestamp_string, &pkg_post_timestamp) || |
| 167 | // pkg_post_timestamp < build_timestamp) { |
| 168 | // if (get_value(metadata, "ota-downgrade") != "yes") { |
| 169 | // LOG(ERROR) << "Update package is older than the current build, expected a build " |
| 170 | // "newer than timestamp " |
| 171 | // << build_timestamp << " but package has timestamp " << pkg_post_timestamp |
| 172 | // << " and downgrade not allowed."; |
| 173 | // return INSTALL_ERROR; |
| 174 | // } |
| 175 | // if (pkg_pre_build_fingerprint.empty()) { |
| 176 | // LOG(ERROR) << "Downgrade package must have a pre-build version set, not allowed."; |
| 177 | // return INSTALL_ERROR; |
| 178 | // } |
| 179 | // } |
| 180 | |
| 181 | return 0; |
| 182 | } |
| 183 | |
| 184 | int CheckPackageMetadata(const std::map<std::string, std::string>& metadata, OtaType ota_type) { |
| 185 | auto package_ota_type = get_value(metadata, "ota-type"); |
| 186 | auto expected_ota_type = OtaTypeToString(ota_type); |
| 187 | if (ota_type != OtaType::AB && ota_type != OtaType::BRICK) { |
| 188 | LOG(INFO) << "Skip package metadata check for ota type " << expected_ota_type; |
| 189 | return 0; |
| 190 | } |
| 191 | |
| 192 | if (package_ota_type != expected_ota_type) { |
| 193 | LOG(ERROR) << "Unexpected ota package type, expects " << expected_ota_type << ", actual " |
| 194 | << package_ota_type; |
| 195 | return INSTALL_ERROR; |
| 196 | } |
| 197 | |
| 198 | auto device = android::base::GetProperty("ro.product.device", ""); |
| 199 | auto pkg_device = get_value(metadata, "pre-device"); |
| 200 | if (pkg_device != device || pkg_device.empty()) { |
| 201 | LOG(ERROR) << "Package is for product " << pkg_device << " but expected " << device; |
| 202 | return INSTALL_ERROR; |
| 203 | } |
| 204 | |
| 205 | // We allow the package to not have any serialno; and we also allow it to carry multiple serial |
| 206 | // numbers split by "|"; e.g. serialno=serialno1|serialno2|serialno3 ... We will fail the |
| 207 | // verification if the device's serialno doesn't match any of these carried numbers. |
| 208 | auto pkg_serial_no = get_value(metadata, "serialno"); |
| 209 | if (!pkg_serial_no.empty()) { |
| 210 | auto device_serial_no = android::base::GetProperty("ro.serialno", ""); |
| 211 | bool serial_number_match = false; |
| 212 | for (const auto& number : android::base::Split(pkg_serial_no, "|")) { |
| 213 | if (device_serial_no == android::base::Trim(number)) { |
| 214 | serial_number_match = true; |
| 215 | } |
| 216 | } |
| 217 | if (!serial_number_match) { |
| 218 | LOG(ERROR) << "Package is for serial " << pkg_serial_no; |
| 219 | return INSTALL_ERROR; |
| 220 | } |
| 221 | } |
| 222 | |
| 223 | if (ota_type == OtaType::AB) { |
| 224 | return CheckAbSpecificMetadata(metadata); |
| 225 | } |
| 226 | |
| 227 | return 0; |
| 228 | } |
| 229 | |
| 230 | int SetUpAbUpdateCommands(const std::string& package, ZipArchiveHandle zip, int status_fd, |
| 231 | std::vector<std::string>* cmd) { |
| 232 | CHECK(cmd != nullptr); |
| 233 | |
| 234 | // For A/B updates we extract the payload properties to a buffer and obtain the RAW payload offset |
| 235 | // in the zip file. |
| 236 | static constexpr const char* AB_OTA_PAYLOAD_PROPERTIES = "payload_properties.txt"; |
bigbiff | 673c7ae | 2020-12-02 19:44:56 -0500 | [diff] [blame] | 237 | std::string property_name(AB_OTA_PAYLOAD_PROPERTIES); |
GarfieldHan | d216188 | 2021-11-29 00:04:53 +0800 | [diff] [blame] | 238 | ZipEntry64 properties_entry; |
bigbiff | 1f9e484 | 2020-10-31 11:33:15 -0400 | [diff] [blame] | 239 | if (FindEntry(zip, property_name, &properties_entry) != 0) { |
| 240 | LOG(ERROR) << "Failed to find " << AB_OTA_PAYLOAD_PROPERTIES; |
| 241 | return INSTALL_CORRUPT; |
| 242 | } |
| 243 | uint32_t properties_entry_length = properties_entry.uncompressed_length; |
| 244 | std::vector<uint8_t> payload_properties(properties_entry_length); |
| 245 | int32_t err = |
| 246 | ExtractToMemory(zip, &properties_entry, payload_properties.data(), properties_entry_length); |
| 247 | if (err != 0) { |
| 248 | LOG(ERROR) << "Failed to extract " << AB_OTA_PAYLOAD_PROPERTIES << ": " << ErrorCodeString(err); |
| 249 | return INSTALL_CORRUPT; |
| 250 | } |
| 251 | |
| 252 | static constexpr const char* AB_OTA_PAYLOAD = "payload.bin"; |
bigbiff | 673c7ae | 2020-12-02 19:44:56 -0500 | [diff] [blame] | 253 | std::string payload_name(AB_OTA_PAYLOAD); |
GarfieldHan | d216188 | 2021-11-29 00:04:53 +0800 | [diff] [blame] | 254 | ZipEntry64 payload_entry; |
bigbiff | 1f9e484 | 2020-10-31 11:33:15 -0400 | [diff] [blame] | 255 | if (FindEntry(zip, payload_name, &payload_entry) != 0) { |
| 256 | LOG(ERROR) << "Failed to find " << AB_OTA_PAYLOAD; |
| 257 | return INSTALL_CORRUPT; |
| 258 | } |
| 259 | long payload_offset = payload_entry.offset; |
| 260 | *cmd = { |
| 261 | "/system/bin/update_engine_sideload", |
| 262 | "--payload=file://" + package, |
| 263 | android::base::StringPrintf("--offset=%ld", payload_offset), |
| 264 | "--headers=" + std::string(payload_properties.begin(), payload_properties.end()), |
| 265 | android::base::StringPrintf("--status_fd=%d", status_fd), |
| 266 | }; |
| 267 | return 0; |
| 268 | } |
| 269 | |
| 270 | int SetUpNonAbUpdateCommands(const std::string& package, ZipArchiveHandle zip, int retry_count, |
| 271 | int status_fd, std::vector<std::string>* cmd) { |
| 272 | CHECK(cmd != nullptr); |
| 273 | |
| 274 | // In non-A/B updates we extract the update binary from the package. |
bigbiff | 673c7ae | 2020-12-02 19:44:56 -0500 | [diff] [blame] | 275 | std::string binary_name(UPDATE_BINARY_NAME); |
GarfieldHan | d216188 | 2021-11-29 00:04:53 +0800 | [diff] [blame] | 276 | ZipEntry64 binary_entry; |
bigbiff | 1f9e484 | 2020-10-31 11:33:15 -0400 | [diff] [blame] | 277 | if (FindEntry(zip, binary_name, &binary_entry) != 0) { |
| 278 | LOG(ERROR) << "Failed to find update binary " << UPDATE_BINARY_NAME; |
| 279 | return INSTALL_CORRUPT; |
| 280 | } |
| 281 | |
| 282 | LOG(ERROR) << "SetupNonAbUpdateCommands::here1"; |
| 283 | const std::string binary_path = Paths::Get().temporary_update_binary(); |
| 284 | unlink(binary_path.c_str()); |
| 285 | LOG(ERROR) << "SetupNonAbUpdateCommands::here2"; |
| 286 | android::base::unique_fd fd( |
| 287 | open(binary_path.c_str(), O_CREAT | O_WRONLY | O_TRUNC | O_CLOEXEC, 0755)); |
| 288 | if (fd == -1) { |
| 289 | PLOG(ERROR) << "Failed to create " << binary_path; |
| 290 | return INSTALL_ERROR; |
| 291 | } |
| 292 | LOG(ERROR) << "SetupNonAbUpdateCommands::here3"; |
| 293 | |
| 294 | int32_t error = ExtractEntryToFile(zip, &binary_entry, fd); |
| 295 | if (error != 0) { |
| 296 | LOG(ERROR) << "Failed to extract " << UPDATE_BINARY_NAME << ": " << ErrorCodeString(error); |
| 297 | return INSTALL_ERROR; |
| 298 | } |
bigbiff | 1f9e484 | 2020-10-31 11:33:15 -0400 | [diff] [blame] | 299 | |
| 300 | // When executing the update binary contained in the package, the arguments passed are: |
| 301 | // - the version number for this interface |
| 302 | // - an FD to which the program can write in order to update the progress bar. |
| 303 | // - the name of the package zip file. |
| 304 | // - an optional argument "retry" if this update is a retry of a failed update attempt. |
| 305 | *cmd = { |
| 306 | binary_path, |
| 307 | std::to_string(kRecoveryApiVersion), |
| 308 | std::to_string(status_fd), |
| 309 | package, |
| 310 | }; |
| 311 | if (retry_count > 0) { |
| 312 | cmd->push_back("retry"); |
| 313 | } |
| 314 | return 0; |
| 315 | } |
| 316 | |
| 317 | static void log_max_temperature(int* max_temperature, const std::atomic<bool>& logger_finished) { |
| 318 | CHECK(max_temperature != nullptr); |
| 319 | std::mutex mtx; |
| 320 | std::unique_lock<std::mutex> lck(mtx); |
| 321 | while (!logger_finished.load() && |
| 322 | finish_log_temperature.wait_for(lck, 20s) == std::cv_status::timeout) { |
| 323 | *max_temperature = std::max(*max_temperature, GetMaxValueFromThermalZone()); |
| 324 | } |
| 325 | } |
| 326 | |
| 327 | // If the package contains an update binary, extract it and run it. |
| 328 | static int try_update_binary(const std::string& package, ZipArchiveHandle zip, bool* wipe_cache, |
| 329 | std::vector<std::string>* log_buffer, int retry_count, |
| 330 | int* max_temperature) { |
| 331 | std::map<std::string, std::string> metadata; |
| 332 | |
| 333 | if (!ReadMetadataFromPackage(zip, &metadata)) { |
| 334 | LOG(ERROR) << "Failed to parse metadata in the zip file"; |
| 335 | // return INSTALL_CORRUPT; |
| 336 | } |
| 337 | |
| 338 | bool is_ab = android::base::GetBoolProperty("ro.build.ab_update", false); |
| 339 | // Verifies against the metadata in the package first. |
| 340 | // if (int check_status = is_ab ? CheckPackageMetadata(metadata, OtaType::AB) : 0; |
| 341 | // check_status != 0) { |
| 342 | // log_buffer->push_back(android::base::StringPrintf("error: %d", kUpdateBinaryCommandFailure)); |
| 343 | // return check_status; |
| 344 | // } |
| 345 | |
| 346 | ReadSourceTargetBuild(metadata, log_buffer); |
| 347 | LOG(ERROR) << "try_update_binary::here1"; |
| 348 | // The updater in child process writes to the pipe to communicate with recovery. |
| 349 | android::base::unique_fd pipe_read, pipe_write; |
| 350 | // Explicitly disable O_CLOEXEC using 0 as the flags (last) parameter to Pipe |
| 351 | // so that the child updater process will recieve a non-closed fd. |
| 352 | if (!android::base::Pipe(&pipe_read, &pipe_write, 0)) { |
| 353 | PLOG(ERROR) << "Failed to create pipe for updater-recovery communication"; |
| 354 | return INSTALL_CORRUPT; |
| 355 | } |
| 356 | |
| 357 | // The updater-recovery communication protocol. |
| 358 | // |
| 359 | // progress <frac> <secs> |
| 360 | // fill up the next <frac> part of of the progress bar over <secs> seconds. If <secs> is |
| 361 | // zero, use `set_progress` commands to manually control the progress of this segment of the |
| 362 | // bar. |
| 363 | // |
| 364 | // set_progress <frac> |
| 365 | // <frac> should be between 0.0 and 1.0; sets the progress bar within the segment defined by |
| 366 | // the most recent progress command. |
| 367 | // |
| 368 | // ui_print <string> |
| 369 | // display <string> on the screen. |
| 370 | // |
| 371 | // wipe_cache |
| 372 | // a wipe of cache will be performed following a successful installation. |
| 373 | // |
| 374 | // clear_display |
| 375 | // turn off the text display. |
| 376 | // |
| 377 | // enable_reboot |
| 378 | // packages can explicitly request that they want the user to be able to reboot during |
| 379 | // installation (useful for debugging packages that don't exit). |
| 380 | // |
| 381 | // retry_update |
| 382 | // updater encounters some issue during the update. It requests a reboot to retry the same |
| 383 | // package automatically. |
| 384 | // |
| 385 | // log <string> |
| 386 | // updater requests logging the string (e.g. cause of the failure). |
| 387 | // |
| 388 | |
| 389 | std::vector<std::string> args; |
| 390 | |
| 391 | is_ab = false; |
bigbiff | 673c7ae | 2020-12-02 19:44:56 -0500 | [diff] [blame] | 392 | std::string binary_name(UPDATE_BINARY_NAME); |
GarfieldHan | d216188 | 2021-11-29 00:04:53 +0800 | [diff] [blame] | 393 | ZipEntry64 binary_entry; |
bigbiff | 1f9e484 | 2020-10-31 11:33:15 -0400 | [diff] [blame] | 394 | if (FindEntry(zip, binary_name, &binary_entry) != 0) { |
| 395 | LOG(ERROR) << "Failed to find update binary " << UPDATE_BINARY_NAME; |
| 396 | is_ab = true; |
| 397 | } |
| 398 | |
| 399 | if (int update_status = |
| 400 | is_ab ? SetUpAbUpdateCommands(package, zip, pipe_write.get(), &args) |
| 401 | : SetUpNonAbUpdateCommands(package, zip, retry_count, pipe_write.get(), &args); |
| 402 | update_status != 0) { |
| 403 | log_buffer->push_back(android::base::StringPrintf("error: %d", kUpdateBinaryCommandFailure)); |
| 404 | // return update_status; |
| 405 | } |
| 406 | |
| 407 | pid_t pid = fork(); |
| 408 | if (pid == -1) { |
| 409 | PLOG(ERROR) << "Failed to fork update binary"; |
| 410 | log_buffer->push_back(android::base::StringPrintf("error: %d", kForkUpdateBinaryFailure)); |
| 411 | return INSTALL_ERROR; |
| 412 | } |
| 413 | |
| 414 | if (pid == 0) { |
| 415 | umask(022); |
| 416 | pipe_read.reset(); |
| 417 | |
| 418 | // Convert the std::string vector to a NULL-terminated char* vector suitable for execv. |
| 419 | auto chr_args = StringVectorToNullTerminatedArray(args); |
| 420 | execv(chr_args[0], chr_args.data()); |
| 421 | // We shouldn't use LOG/PLOG in the forked process, since they may cause the child process to |
| 422 | // hang. This deadlock results from an improperly copied mutex in the ui functions. |
| 423 | // (Bug: 34769056) |
| 424 | fprintf(stdout, "E:Can't run %s (%s)\n", chr_args[0], strerror(errno)); |
| 425 | _exit(EXIT_FAILURE); |
| 426 | } |
| 427 | pipe_write.reset(); |
| 428 | |
| 429 | std::atomic<bool> logger_finished(false); |
| 430 | std::thread temperature_logger(log_max_temperature, max_temperature, std::ref(logger_finished)); |
| 431 | |
| 432 | *wipe_cache = false; |
| 433 | bool retry_update = false; |
| 434 | |
| 435 | char buffer[1024]; |
| 436 | FILE* from_child = android::base::Fdopen(std::move(pipe_read), "r"); |
| 437 | while (fgets(buffer, sizeof(buffer), from_child) != nullptr) { |
| 438 | std::string line(buffer); |
| 439 | size_t space = line.find_first_of(" \n"); |
| 440 | std::string command(line.substr(0, space)); |
| 441 | if (command.empty()) continue; |
| 442 | |
| 443 | // Get rid of the leading and trailing space and/or newline. |
| 444 | std::string args = space == std::string::npos ? "" : android::base::Trim(line.substr(space)); |
| 445 | |
| 446 | if (command == "progress") { |
| 447 | std::vector<std::string> tokens = android::base::Split(args, " "); |
| 448 | double fraction; |
| 449 | int seconds; |
| 450 | if (tokens.size() == 2 && android::base::ParseDouble(tokens[0].c_str(), &fraction) && |
| 451 | android::base::ParseInt(tokens[1], &seconds)) { |
| 452 | // ui->ShowProgress(fraction * (1 - VERIFICATION_PROGRESS_FRACTION), seconds); |
| 453 | } else { |
| 454 | LOG(ERROR) << "invalid \"progress\" parameters: " << line; |
| 455 | } |
| 456 | } else if (command == "set_progress") { |
| 457 | std::vector<std::string> tokens = android::base::Split(args, " "); |
| 458 | double fraction; |
| 459 | if (tokens.size() == 1 && android::base::ParseDouble(tokens[0].c_str(), &fraction)) { |
| 460 | // ui->SetProgress(fraction); |
| 461 | } else { |
| 462 | LOG(ERROR) << "invalid \"set_progress\" parameters: " << line; |
| 463 | } |
| 464 | } else if (command == "ui_print") { |
| 465 | // ui->PrintOnScreenOnly("%s\n", args.c_str()); |
| 466 | fflush(stdout); |
| 467 | } else if (command == "wipe_cache") { |
| 468 | *wipe_cache = true; |
| 469 | } else if (command == "clear_display") { |
| 470 | // ui->SetBackground(RecoveryUI::NONE); |
| 471 | } else if (command == "enable_reboot") { |
| 472 | // packages can explicitly request that they want the user |
| 473 | // to be able to reboot during installation (useful for |
| 474 | // debugging packages that don't exit). |
| 475 | // ui->SetEnableReboot(true); |
| 476 | } else if (command == "retry_update") { |
| 477 | retry_update = true; |
| 478 | } else if (command == "log") { |
| 479 | if (!args.empty()) { |
| 480 | // Save the logging request from updater and write to last_install later. |
| 481 | log_buffer->push_back(args); |
| 482 | } else { |
| 483 | LOG(ERROR) << "invalid \"log\" parameters: " << line; |
| 484 | } |
| 485 | } else { |
| 486 | LOG(ERROR) << "unknown command [" << command << "]"; |
| 487 | } |
| 488 | } |
| 489 | fclose(from_child); |
| 490 | |
| 491 | int status; |
| 492 | waitpid(pid, &status, 0); |
| 493 | |
| 494 | logger_finished.store(true); |
| 495 | finish_log_temperature.notify_one(); |
| 496 | temperature_logger.join(); |
| 497 | |
| 498 | if (retry_update) { |
| 499 | return INSTALL_RETRY; |
| 500 | } |
| 501 | if (WIFEXITED(status)) { |
| 502 | if (WEXITSTATUS(status) != EXIT_SUCCESS) { |
| 503 | LOG(ERROR) << "Error in " << package << " (status " << WEXITSTATUS(status) << ")"; |
| 504 | return INSTALL_ERROR; |
| 505 | } |
| 506 | } else if (WIFSIGNALED(status)) { |
| 507 | LOG(ERROR) << "Error in " << package << " (killed by signal " << WTERMSIG(status) << ")"; |
| 508 | return INSTALL_ERROR; |
| 509 | } else { |
| 510 | LOG(FATAL) << "Invalid status code " << status; |
| 511 | } |
| 512 | |
| 513 | return INSTALL_SUCCESS; |
| 514 | } |
| 515 | |
| 516 | // Verifes the compatibility info in a Treble-compatible package. Returns true directly if the |
| 517 | // entry doesn't exist. Note that the compatibility info is packed in a zip file inside the OTA |
| 518 | // package. |
| 519 | // bool verify_package_compatibility(ZipArchiveHandle package_zip __unused) { |
| 520 | // LOG(INFO) << "Verifying package compatibility..."; |
| 521 | |
| 522 | // static constexpr const char* COMPATIBILITY_ZIP_ENTRY = "compatibility.zip"; |
| 523 | // ZipString compatibility_entry_name(COMPATIBILITY_ZIP_ENTRY); |
GarfieldHan | d216188 | 2021-11-29 00:04:53 +0800 | [diff] [blame] | 524 | // ZipEntry64 compatibility_entry; |
bigbiff | 1f9e484 | 2020-10-31 11:33:15 -0400 | [diff] [blame] | 525 | // if (FindEntry(package_zip, compatibility_entry_name, &compatibility_entry) != 0) { |
| 526 | // LOG(INFO) << "Package doesn't contain " << COMPATIBILITY_ZIP_ENTRY << " entry"; |
| 527 | // return true; |
| 528 | // } |
| 529 | |
| 530 | // std::string zip_content(compatibility_entry.uncompressed_length, '\0'); |
| 531 | // int32_t ret; |
| 532 | // if ((ret = ExtractToMemory(package_zip, &compatibility_entry, |
| 533 | // reinterpret_cast<uint8_t*>(&zip_content[0]), |
| 534 | // compatibility_entry.uncompressed_length)) != 0) { |
| 535 | // LOG(ERROR) << "Failed to read " << COMPATIBILITY_ZIP_ENTRY << ": " << ErrorCodeString(ret); |
| 536 | // return false; |
| 537 | // } |
| 538 | |
| 539 | // ZipArchiveHandle zip_handle; |
| 540 | // ret = OpenArchiveFromMemory(static_cast<void*>(const_cast<char*>(zip_content.data())), |
| 541 | // zip_content.size(), COMPATIBILITY_ZIP_ENTRY, &zip_handle); |
| 542 | // if (ret != 0) { |
| 543 | // LOG(ERROR) << "Failed to OpenArchiveFromMemory: " << ErrorCodeString(ret); |
| 544 | // return false; |
| 545 | // } |
| 546 | |
| 547 | // // Iterate all the entries inside COMPATIBILITY_ZIP_ENTRY and read the contents. |
| 548 | // void* cookie; |
| 549 | // ret = StartIteration(zip_handle, &cookie, nullptr, nullptr); |
| 550 | // if (ret != 0) { |
| 551 | // LOG(ERROR) << "Failed to start iterating zip entries: " << ErrorCodeString(ret); |
| 552 | // CloseArchive(zip_handle); |
| 553 | // return false; |
| 554 | // } |
| 555 | // std::unique_ptr<void, decltype(&EndIteration)> guard(cookie, EndIteration); |
| 556 | |
| 557 | // std::vector<std::string> compatibility_info; |
GarfieldHan | d216188 | 2021-11-29 00:04:53 +0800 | [diff] [blame] | 558 | // ZipEntry64 info_entry; |
bigbiff | 1f9e484 | 2020-10-31 11:33:15 -0400 | [diff] [blame] | 559 | // ZipString info_name; |
| 560 | // while (Next(cookie, &info_entry, &info_name) == 0) { |
| 561 | // std::string content(info_entry.uncompressed_length, '\0'); |
| 562 | // int32_t ret = ExtractToMemory(zip_handle, &info_entry, reinterpret_cast<uint8_t*>(&content[0]), |
| 563 | // info_entry.uncompressed_length); |
| 564 | // if (ret != 0) { |
| 565 | // LOG(ERROR) << "Failed to read " << info_name.name << ": " << ErrorCodeString(ret); |
| 566 | // CloseArchive(zip_handle); |
| 567 | // return false; |
| 568 | // } |
| 569 | // compatibility_info.emplace_back(std::move(content)); |
| 570 | // } |
| 571 | // CloseArchive(zip_handle); |
| 572 | |
| 573 | // // VintfObjectRecovery::CheckCompatibility returns zero on success. |
| 574 | // std::string err; |
| 575 | // int result = android::vintf::VintfObjectRecovery::CheckCompatibility(compatibility_info, &err); |
| 576 | // if (result == 0) { |
| 577 | // return true; |
| 578 | // } |
| 579 | |
| 580 | // LOG(ERROR) << "Failed to verify package compatibility (result " << result << "): " << err; |
| 581 | // return false; |
| 582 | // } |
| 583 | |
| 584 | static int really_install_package(const std::string& path, bool* wipe_cache __unused, bool needs_mount __unused, |
| 585 | std::vector<std::string>* log_buffer __unused, int retry_count __unused, |
| 586 | int* max_temperature __unused) { |
| 587 | // ui->SetBackground(RecoveryUI::INSTALLING_UPDATE); |
| 588 | // ui->Print("Finding update package...\n"); |
| 589 | // Give verification half the progress bar... |
| 590 | // ui->SetProgressType(RecoveryUI::DETERMINATE); |
| 591 | // ui->ShowProgress(VERIFICATION_PROGRESS_FRACTION, VERIFICATION_PROGRESS_TIME); |
| 592 | LOG(INFO) << "Update location: " << path; |
| 593 | |
| 594 | // Map the update package into memory. |
| 595 | // ui->Print("Opening update package...\n"); |
| 596 | if (needs_mount) { |
| 597 | if (path[0] == '@') { |
| 598 | ensure_path_mounted(path.substr(1)); |
| 599 | } else { |
| 600 | ensure_path_mounted(path); |
| 601 | } |
| 602 | } |
| 603 | |
| 604 | auto package = Package::CreateMemoryPackage( |
| 605 | path); |
| 606 | if (!package) { |
| 607 | log_buffer->push_back(android::base::StringPrintf("error: %d", kMapFileFailure)); |
| 608 | return INSTALL_CORRUPT; |
| 609 | } |
| 610 | |
| 611 | // Verify package. |
| 612 | if (!verify_package(package.get())) { |
| 613 | log_buffer->push_back(android::base::StringPrintf("error: %d", kZipVerificationFailure)); |
| 614 | return INSTALL_CORRUPT; |
| 615 | } |
| 616 | |
| 617 | // Try to open the package. |
| 618 | ZipArchiveHandle zip = package->GetZipArchiveHandle(); |
| 619 | if (!zip) { |
| 620 | log_buffer->push_back(android::base::StringPrintf("error: %d", kZipOpenFailure)); |
| 621 | return INSTALL_CORRUPT; |
| 622 | } |
| 623 | LOG(ERROR) << "really_install_package::here1"; |
| 624 | |
| 625 | // Additionally verify the compatibility of the package if it's a fresh install. |
| 626 | if (retry_count == 0 && !verify_package_compatibility(zip)) { |
| 627 | log_buffer->push_back(android::base::StringPrintf("error: %d", kPackageCompatibilityFailure)); |
| 628 | return INSTALL_CORRUPT; |
| 629 | } |
| 630 | |
| 631 | // Verify and install the contents of the package. |
| 632 | // ui->Print("Installing update...\n"); |
| 633 | // if (retry_count > 0) { |
| 634 | // ui->Print("Retry attempt: %d\n", retry_count); |
| 635 | // } |
| 636 | // ui->SetEnableReboot(false); |
| 637 | LOG(ERROR) << "really_install_package::here2"; |
| 638 | int result = |
| 639 | try_update_binary(path, zip, wipe_cache, log_buffer, retry_count, max_temperature); |
| 640 | // ui->SetEnableReboot(true); |
| 641 | // ui->Print("\n"); |
| 642 | return result; |
| 643 | } |
| 644 | |
| 645 | int install_package(const std::string& path, bool should_wipe_cache, bool needs_mount, |
| 646 | int retry_count) { |
| 647 | CHECK(!path.empty()); |
| 648 | |
| 649 | auto start = std::chrono::system_clock::now(); |
| 650 | |
| 651 | int start_temperature = GetMaxValueFromThermalZone(); |
| 652 | int max_temperature = start_temperature; |
| 653 | |
| 654 | int result; |
| 655 | std::vector<std::string> log_buffer; |
| 656 | // if (setup_install_mounts() != 0) { |
| 657 | // LOG(ERROR) << "failed to set up expected mounts for install; aborting"; |
| 658 | // result = INSTALL_ERROR; |
| 659 | // } else { |
| 660 | bool updater_wipe_cache = false; |
| 661 | result = really_install_package(path, &updater_wipe_cache, needs_mount, &log_buffer, |
| 662 | retry_count, &max_temperature); |
| 663 | should_wipe_cache = should_wipe_cache || updater_wipe_cache; |
| 664 | // } |
| 665 | |
| 666 | // Measure the time spent to apply OTA update in seconds. |
| 667 | std::chrono::duration<double> duration = std::chrono::system_clock::now() - start; |
| 668 | int time_total = static_cast<int>(duration.count()); |
| 669 | |
| 670 | bool has_cache = volume_for_mount_point("/cache") != nullptr; |
| 671 | // Skip logging the uncrypt_status on devices without /cache. |
| 672 | if (has_cache) { |
| 673 | static constexpr const char* UNCRYPT_STATUS = "/cache/recovery/uncrypt_status"; |
| 674 | if (ensure_path_mounted(UNCRYPT_STATUS) != 0) { |
| 675 | LOG(WARNING) << "Can't mount " << UNCRYPT_STATUS; |
| 676 | } else { |
| 677 | std::string uncrypt_status; |
| 678 | if (!android::base::ReadFileToString(UNCRYPT_STATUS, &uncrypt_status)) { |
| 679 | PLOG(WARNING) << "failed to read uncrypt status"; |
| 680 | } else if (!android::base::StartsWith(uncrypt_status, "uncrypt_")) { |
| 681 | LOG(WARNING) << "corrupted uncrypt_status: " << uncrypt_status; |
| 682 | } else { |
| 683 | log_buffer.push_back(android::base::Trim(uncrypt_status)); |
| 684 | } |
| 685 | } |
| 686 | } |
| 687 | |
| 688 | // The first two lines need to be the package name and install result. |
| 689 | std::vector<std::string> log_header = { |
| 690 | path, |
| 691 | result == INSTALL_SUCCESS ? "1" : "0", |
| 692 | "time_total: " + std::to_string(time_total), |
| 693 | "retry: " + std::to_string(retry_count), |
| 694 | }; |
| 695 | |
| 696 | int end_temperature = GetMaxValueFromThermalZone(); |
| 697 | max_temperature = std::max(end_temperature, max_temperature); |
| 698 | if (start_temperature > 0) { |
| 699 | log_buffer.push_back("temperature_start: " + std::to_string(start_temperature)); |
| 700 | } |
| 701 | if (end_temperature > 0) { |
| 702 | log_buffer.push_back("temperature_end: " + std::to_string(end_temperature)); |
| 703 | } |
| 704 | if (max_temperature > 0) { |
| 705 | log_buffer.push_back("temperature_max: " + std::to_string(max_temperature)); |
| 706 | } |
| 707 | |
| 708 | std::string log_content = |
| 709 | android::base::Join(log_header, "\n") + "\n" + android::base::Join(log_buffer, "\n") + "\n"; |
| 710 | const std::string& install_file = Paths::Get().temporary_install_file(); |
| 711 | if (!android::base::WriteStringToFile(log_content, install_file)) { |
| 712 | PLOG(ERROR) << "failed to write " << install_file; |
| 713 | } |
| 714 | |
| 715 | // Write a copy into last_log. |
| 716 | LOG(INFO) << log_content; |
| 717 | |
| 718 | if (result == INSTALL_SUCCESS && should_wipe_cache) { |
| 719 | if (!WipeCache(nullptr)) { |
| 720 | result = INSTALL_ERROR; |
| 721 | } |
| 722 | } |
| 723 | |
| 724 | return result; |
| 725 | } |
| 726 | |
| 727 | bool verify_package(Package* package) { |
| 728 | static constexpr const char* CERTIFICATE_ZIP_FILE = "/system/etc/security/otacerts.zip"; |
| 729 | std::vector<Certificate> loaded_keys = LoadKeysFromZipfile(CERTIFICATE_ZIP_FILE); |
| 730 | if (loaded_keys.empty()) { |
| 731 | LOG(ERROR) << "Failed to load keys"; |
| 732 | return false; |
| 733 | } |
| 734 | LOG(INFO) << loaded_keys.size() << " key(s) loaded from " << CERTIFICATE_ZIP_FILE; |
| 735 | |
| 736 | // Verify package. |
| 737 | // ui->Print("Verifying update package...\n"); |
| 738 | // auto t0 = std::chrono::system_clock::now(); |
| 739 | int err = verify_file(package, loaded_keys); |
| 740 | // if(err != VERIFY_SUCCESS) { |
| 741 | |
| 742 | // } |
| 743 | // std::chrono::duration<double> duration = std::chrono::system_clock::now() - t0; |
| 744 | // ui->Print("Update package verification took %.1f s (result %d).\n", duration.count(), err); |
| 745 | if (err != VERIFY_SUCCESS) { |
| 746 | LOG(ERROR) << "Signature verification failed"; |
| 747 | LOG(ERROR) << "error: " << kZipVerificationFailure; |
| 748 | // return false; |
| 749 | } |
| 750 | return true; |
| 751 | } |