2014-01-13 19:04:25 +01:00
|
|
|
/*
|
|
|
|
* Copyright (C) 2014 The Android Open Source Project
|
|
|
|
*
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
*
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
*
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
* limitations under the License.
|
|
|
|
*/
|
|
|
|
|
|
|
|
// This program takes a file on an ext4 filesystem and produces a list
|
|
|
|
// of the blocks that file occupies, which enables the file contents
|
|
|
|
// to be read directly from the block device without mounting the
|
|
|
|
// filesystem.
|
|
|
|
//
|
|
|
|
// If the filesystem is using an encrypted block device, it will also
|
|
|
|
// read the file and rewrite it to the same blocks of the underlying
|
|
|
|
// (unencrypted) block device, so the file contents can be read
|
|
|
|
// without the need for the decryption key.
|
|
|
|
//
|
|
|
|
// The output of this program is a "block map" which looks like this:
|
|
|
|
//
|
|
|
|
// /dev/block/platform/msm_sdcc.1/by-name/userdata # block device
|
|
|
|
// 49652 4096 # file size in bytes, block size
|
|
|
|
// 3 # count of block ranges
|
|
|
|
// 1000 1008 # block range 0
|
|
|
|
// 2100 2102 # ... block range 1
|
|
|
|
// 30 33 # ... block range 2
|
|
|
|
//
|
|
|
|
// Each block range represents a half-open interval; the line "30 33"
|
|
|
|
// reprents the blocks [30, 31, 32].
|
|
|
|
//
|
|
|
|
// Recovery can take this block map file and retrieve the underlying
|
|
|
|
// file data to use as an update package.
|
|
|
|
|
2016-02-25 21:38:53 +01:00
|
|
|
/**
|
|
|
|
* In addition to the uncrypt work, uncrypt also takes care of setting and
|
|
|
|
* clearing the bootloader control block (BCB) at /misc partition.
|
|
|
|
*
|
|
|
|
* uncrypt is triggered as init services on demand. It uses socket to
|
|
|
|
* communicate with its caller (i.e. system_server). The socket is managed by
|
|
|
|
* init (i.e. created prior to the service starts, and destroyed when uncrypt
|
|
|
|
* exits).
|
|
|
|
*
|
|
|
|
* Below is the uncrypt protocol.
|
|
|
|
*
|
|
|
|
* a. caller b. init c. uncrypt
|
|
|
|
* --------------- ------------ --------------
|
|
|
|
* a1. ctl.start:
|
|
|
|
* setup-bcb /
|
|
|
|
* clear-bcb /
|
|
|
|
* uncrypt
|
|
|
|
*
|
|
|
|
* b2. create socket at
|
|
|
|
* /dev/socket/uncrypt
|
|
|
|
*
|
|
|
|
* c3. listen and accept
|
|
|
|
*
|
|
|
|
* a4. send a 4-byte int
|
|
|
|
* (message length)
|
|
|
|
* c5. receive message length
|
|
|
|
* a6. send message
|
|
|
|
* c7. receive message
|
|
|
|
* c8. <do the work; may send
|
|
|
|
* the progress>
|
|
|
|
* a9. <may handle progress>
|
|
|
|
* c10. <upon finishing>
|
|
|
|
* send "100" or "-1"
|
|
|
|
*
|
|
|
|
* a11. receive status code
|
|
|
|
* a12. send a 4-byte int to
|
|
|
|
* ack the receive of the
|
|
|
|
* final status code
|
|
|
|
* c13. receive and exit
|
|
|
|
*
|
|
|
|
* b14. destroy the socket
|
|
|
|
*
|
|
|
|
* Note that a12 and c13 are necessary to ensure a11 happens before the socket
|
|
|
|
* gets destroyed in b14.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <arpa/inet.h>
|
2014-12-29 21:46:43 +01:00
|
|
|
#include <errno.h>
|
2015-05-27 23:46:17 +02:00
|
|
|
#include <fcntl.h>
|
2015-12-09 07:47:25 +01:00
|
|
|
#include <inttypes.h>
|
2016-02-01 20:40:37 +01:00
|
|
|
#include <libgen.h>
|
2015-05-27 23:46:17 +02:00
|
|
|
#include <linux/fs.h>
|
|
|
|
#include <stdarg.h>
|
2014-01-13 19:04:25 +01:00
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
2015-01-30 05:50:08 +01:00
|
|
|
#include <string.h>
|
2014-01-13 19:04:25 +01:00
|
|
|
#include <sys/mman.h>
|
2016-02-25 21:38:53 +01:00
|
|
|
#include <sys/socket.h>
|
2015-05-22 01:44:44 +02:00
|
|
|
#include <sys/stat.h>
|
|
|
|
#include <sys/types.h>
|
2015-05-27 23:46:17 +02:00
|
|
|
#include <unistd.h>
|
2014-01-13 19:04:25 +01:00
|
|
|
|
2016-02-01 20:40:37 +01:00
|
|
|
#include <algorithm>
|
2015-08-07 03:35:05 +02:00
|
|
|
#include <memory>
|
2016-02-01 20:40:37 +01:00
|
|
|
#include <vector>
|
2015-08-07 03:35:05 +02:00
|
|
|
|
2015-12-05 00:30:20 +01:00
|
|
|
#include <android-base/file.h>
|
2016-01-27 01:50:15 +01:00
|
|
|
#include <android-base/logging.h>
|
2016-09-24 00:30:55 +02:00
|
|
|
#include <android-base/properties.h>
|
2016-02-01 20:40:37 +01:00
|
|
|
#include <android-base/stringprintf.h>
|
2015-12-05 00:30:20 +01:00
|
|
|
#include <android-base/strings.h>
|
2016-03-23 04:19:22 +01:00
|
|
|
#include <android-base/unique_fd.h>
|
2016-06-25 03:22:02 +02:00
|
|
|
#include <bootloader_message/bootloader_message.h>
|
2015-05-27 23:46:17 +02:00
|
|
|
#include <cutils/android_reboot.h>
|
2016-02-25 21:38:53 +01:00
|
|
|
#include <cutils/sockets.h>
|
2014-01-13 19:04:25 +01:00
|
|
|
#include <fs_mgr.h>
|
|
|
|
|
2017-10-06 16:43:41 +02:00
|
|
|
#include "otautil/error_code.h"
|
2016-09-25 00:31:34 +02:00
|
|
|
|
2016-11-11 22:53:25 +01:00
|
|
|
static constexpr int WINDOW_SIZE = 5;
|
|
|
|
static constexpr int FIBMAP_RETRY_LIMIT = 3;
|
2015-05-22 01:44:44 +02:00
|
|
|
|
2016-02-25 21:38:53 +01:00
|
|
|
// uncrypt provides three services: SETUP_BCB, CLEAR_BCB and UNCRYPT.
|
|
|
|
//
|
|
|
|
// SETUP_BCB and CLEAR_BCB services use socket communication and do not rely
|
|
|
|
// on /cache partitions. They will handle requests to reboot into recovery
|
|
|
|
// (for applying updates for non-A/B devices, or factory resets for all
|
|
|
|
// devices).
|
|
|
|
//
|
|
|
|
// UNCRYPT service still needs files on /cache partition (UNCRYPT_PATH_FILE
|
|
|
|
// and CACHE_BLOCK_MAP). It will be working (and needed) only for non-A/B
|
|
|
|
// devices, on which /cache partitions always exist.
|
2016-01-27 01:50:15 +01:00
|
|
|
static const std::string CACHE_BLOCK_MAP = "/cache/recovery/block.map";
|
|
|
|
static const std::string UNCRYPT_PATH_FILE = "/cache/recovery/uncrypt_file";
|
2016-09-09 19:55:44 +02:00
|
|
|
static const std::string UNCRYPT_STATUS = "/cache/recovery/uncrypt_status";
|
2016-02-25 21:38:53 +01:00
|
|
|
static const std::string UNCRYPT_SOCKET = "uncrypt";
|
2014-01-13 19:04:25 +01:00
|
|
|
|
2016-02-25 21:38:53 +01:00
|
|
|
static struct fstab* fstab = nullptr;
|
2014-08-19 00:55:28 +02:00
|
|
|
|
2015-05-06 03:36:45 +02:00
|
|
|
static int write_at_offset(unsigned char* buffer, size_t size, int wfd, off64_t offset) {
|
2015-04-29 02:24:24 +02:00
|
|
|
if (TEMP_FAILURE_RETRY(lseek64(wfd, offset, SEEK_SET)) == -1) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "error seeking to offset " << offset;
|
2015-04-29 02:24:24 +02:00
|
|
|
return -1;
|
|
|
|
}
|
2016-02-01 20:40:37 +01:00
|
|
|
if (!android::base::WriteFully(wfd, buffer, size)) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "error writing offset " << offset;
|
2016-02-01 20:40:37 +01:00
|
|
|
return -1;
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2016-02-01 20:40:37 +01:00
|
|
|
static void add_block_to_ranges(std::vector<int>& ranges, int new_block) {
|
|
|
|
if (!ranges.empty() && new_block == ranges.back()) {
|
2014-01-13 19:04:25 +01:00
|
|
|
// If the new block comes immediately after the current range,
|
|
|
|
// all we have to do is extend the current range.
|
2016-02-01 20:40:37 +01:00
|
|
|
++ranges.back();
|
2014-01-13 19:04:25 +01:00
|
|
|
} else {
|
|
|
|
// We need to start a new range.
|
2016-02-01 20:40:37 +01:00
|
|
|
ranges.push_back(new_block);
|
|
|
|
ranges.push_back(new_block + 1);
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-05-06 03:36:45 +02:00
|
|
|
static struct fstab* read_fstab() {
|
2017-03-10 09:00:40 +01:00
|
|
|
fstab = fs_mgr_read_fstab_default();
|
2014-01-13 19:04:25 +01:00
|
|
|
if (!fstab) {
|
2017-03-10 09:00:40 +01:00
|
|
|
LOG(ERROR) << "failed to read default fstab";
|
2014-01-13 19:04:25 +01:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2014-08-19 00:55:28 +02:00
|
|
|
return fstab;
|
|
|
|
}
|
|
|
|
|
2017-12-08 22:19:23 +01:00
|
|
|
static const char* find_block_device(const char* path, bool* encryptable,
|
|
|
|
bool* encrypted, bool* f2fs_fs) {
|
2014-01-13 19:04:25 +01:00
|
|
|
// Look for a volume whose mount point is the prefix of path and
|
|
|
|
// return its block device. Set encrypted if it's currently
|
|
|
|
// encrypted.
|
2017-12-08 22:19:23 +01:00
|
|
|
|
|
|
|
// ensure f2fs_fs is set to false first.
|
|
|
|
*f2fs_fs = false;
|
|
|
|
|
2015-05-06 03:36:45 +02:00
|
|
|
for (int i = 0; i < fstab->num_entries; ++i) {
|
2014-01-13 19:04:25 +01:00
|
|
|
struct fstab_rec* v = &fstab->recs[i];
|
2015-05-06 03:36:45 +02:00
|
|
|
if (!v->mount_point) {
|
|
|
|
continue;
|
|
|
|
}
|
2014-01-13 19:04:25 +01:00
|
|
|
int len = strlen(v->mount_point);
|
|
|
|
if (strncmp(path, v->mount_point, len) == 0 &&
|
|
|
|
(path[len] == '/' || path[len] == 0)) {
|
2015-05-06 03:36:45 +02:00
|
|
|
*encrypted = false;
|
|
|
|
*encryptable = false;
|
2015-07-17 05:04:13 +02:00
|
|
|
if (fs_mgr_is_encryptable(v) || fs_mgr_is_file_encrypted(v)) {
|
2015-05-06 03:36:45 +02:00
|
|
|
*encryptable = true;
|
2016-09-24 00:30:55 +02:00
|
|
|
if (android::base::GetProperty("ro.crypto.state", "") == "encrypted") {
|
2015-05-06 03:36:45 +02:00
|
|
|
*encrypted = true;
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
|
|
|
}
|
2017-12-08 22:19:23 +01:00
|
|
|
if (strcmp(v->fs_type, "f2fs") == 0) {
|
|
|
|
*f2fs_fs = true;
|
|
|
|
}
|
2014-01-13 19:04:25 +01:00
|
|
|
return v->blk_device;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2016-02-25 21:38:53 +01:00
|
|
|
static bool write_status_to_socket(int status, int socket) {
|
2016-07-01 00:31:51 +02:00
|
|
|
// If socket equals -1, uncrypt is in debug mode without socket communication.
|
|
|
|
// Skip writing and return success.
|
|
|
|
if (socket == -1) {
|
|
|
|
return true;
|
|
|
|
}
|
2016-02-25 21:38:53 +01:00
|
|
|
int status_out = htonl(status);
|
|
|
|
return android::base::WriteFully(socket, &status_out, sizeof(int));
|
|
|
|
}
|
|
|
|
|
2015-05-22 01:44:44 +02:00
|
|
|
// Parse uncrypt_file to find the update package name.
|
2016-01-27 01:50:15 +01:00
|
|
|
static bool find_uncrypt_package(const std::string& uncrypt_path_file, std::string* package_name) {
|
|
|
|
CHECK(package_name != nullptr);
|
|
|
|
std::string uncrypt_path;
|
|
|
|
if (!android::base::ReadFileToString(uncrypt_path_file, &uncrypt_path)) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to open \"" << uncrypt_path_file << "\"";
|
2015-05-22 01:44:44 +02:00
|
|
|
return false;
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
|
|
|
|
2015-05-22 01:44:44 +02:00
|
|
|
// Remove the trailing '\n' if present.
|
2016-01-27 01:50:15 +01:00
|
|
|
*package_name = android::base::Trim(uncrypt_path);
|
2015-05-22 01:44:44 +02:00
|
|
|
return true;
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
|
|
|
|
2016-11-11 22:53:25 +01:00
|
|
|
static int retry_fibmap(const int fd, const char* name, int* block, const int head_block) {
|
|
|
|
CHECK(block != nullptr);
|
|
|
|
for (size_t i = 0; i < FIBMAP_RETRY_LIMIT; i++) {
|
|
|
|
if (fsync(fd) == -1) {
|
|
|
|
PLOG(ERROR) << "failed to fsync \"" << name << "\"";
|
|
|
|
return kUncryptFileSyncError;
|
|
|
|
}
|
|
|
|
if (ioctl(fd, FIBMAP, block) != 0) {
|
|
|
|
PLOG(ERROR) << "failed to find block " << head_block;
|
|
|
|
return kUncryptIoctlError;
|
|
|
|
}
|
|
|
|
if (*block != 0) {
|
|
|
|
return kUncryptNoError;
|
|
|
|
}
|
|
|
|
sleep(1);
|
|
|
|
}
|
|
|
|
LOG(ERROR) << "fibmap of " << head_block << "always returns 0";
|
|
|
|
return kUncryptIoctlError;
|
|
|
|
}
|
|
|
|
|
2015-05-06 03:36:45 +02:00
|
|
|
static int produce_block_map(const char* path, const char* map_file, const char* blk_dev,
|
2017-12-08 22:19:23 +01:00
|
|
|
bool encrypted, bool f2fs_fs, int socket) {
|
2016-02-01 20:40:37 +01:00
|
|
|
std::string err;
|
|
|
|
if (!android::base::RemoveFileIfExists(map_file, &err)) {
|
2016-08-06 03:00:04 +02:00
|
|
|
LOG(ERROR) << "failed to remove the existing map file " << map_file << ": " << err;
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptFileRemoveError;
|
2016-02-01 20:40:37 +01:00
|
|
|
}
|
|
|
|
std::string tmp_map_file = std::string(map_file) + ".tmp";
|
2016-03-23 04:19:22 +01:00
|
|
|
android::base::unique_fd mapfd(open(tmp_map_file.c_str(),
|
|
|
|
O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR));
|
|
|
|
if (mapfd == -1) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to open " << tmp_map_file;
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptFileOpenError;
|
2014-12-10 13:57:09 +01:00
|
|
|
}
|
2014-01-13 19:04:25 +01:00
|
|
|
|
2016-02-25 21:38:53 +01:00
|
|
|
// Make sure we can write to the socket.
|
|
|
|
if (!write_status_to_socket(0, socket)) {
|
2016-08-06 03:00:04 +02:00
|
|
|
LOG(ERROR) << "failed to write to socket " << socket;
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptSocketWriteError;
|
2015-05-22 01:44:44 +02:00
|
|
|
}
|
|
|
|
|
2015-05-06 03:36:45 +02:00
|
|
|
struct stat sb;
|
2015-08-07 03:35:05 +02:00
|
|
|
if (stat(path, &sb) != 0) {
|
2016-08-06 03:00:04 +02:00
|
|
|
LOG(ERROR) << "failed to stat " << path;
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptFileStatError;
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
|
|
|
|
2016-08-06 03:00:04 +02:00
|
|
|
LOG(INFO) << " block size: " << sb.st_blksize << " bytes";
|
2014-01-13 19:04:25 +01:00
|
|
|
|
|
|
|
int blocks = ((sb.st_size-1) / sb.st_blksize) + 1;
|
2016-08-06 03:00:04 +02:00
|
|
|
LOG(INFO) << " file size: " << sb.st_size << " bytes, " << blocks << " blocks";
|
2014-01-13 19:04:25 +01:00
|
|
|
|
2016-02-01 20:40:37 +01:00
|
|
|
std::vector<int> ranges;
|
2014-01-13 19:04:25 +01:00
|
|
|
|
2016-04-18 20:30:55 +02:00
|
|
|
std::string s = android::base::StringPrintf("%s\n%" PRId64 " %" PRId64 "\n",
|
|
|
|
blk_dev, static_cast<int64_t>(sb.st_size),
|
|
|
|
static_cast<int64_t>(sb.st_blksize));
|
2016-03-23 04:19:22 +01:00
|
|
|
if (!android::base::WriteStringToFd(s, mapfd)) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to write " << tmp_map_file;
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptWriteError;
|
2016-02-01 20:40:37 +01:00
|
|
|
}
|
2014-01-13 19:04:25 +01:00
|
|
|
|
2016-02-01 20:40:37 +01:00
|
|
|
std::vector<std::vector<unsigned char>> buffers;
|
2014-01-13 19:04:25 +01:00
|
|
|
if (encrypted) {
|
2016-02-01 20:40:37 +01:00
|
|
|
buffers.resize(WINDOW_SIZE, std::vector<unsigned char>(sb.st_blksize));
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
|
|
|
int head_block = 0;
|
|
|
|
int head = 0, tail = 0;
|
|
|
|
|
2016-03-23 04:19:22 +01:00
|
|
|
android::base::unique_fd fd(open(path, O_RDONLY));
|
|
|
|
if (fd == -1) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to open " << path << " for reading";
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptFileOpenError;
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
|
|
|
|
2016-03-23 04:19:22 +01:00
|
|
|
android::base::unique_fd wfd;
|
2014-01-13 19:04:25 +01:00
|
|
|
if (encrypted) {
|
2016-03-23 04:19:22 +01:00
|
|
|
wfd.reset(open(blk_dev, O_WRONLY));
|
|
|
|
if (wfd == -1) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to open " << blk_dev << " for writing";
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptBlockOpenError;
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-12-08 22:19:23 +01:00
|
|
|
// F2FS-specific ioctl
|
|
|
|
// It requires the below kernel commit merged in v4.16-rc1.
|
|
|
|
// 1ad71a27124c ("f2fs: add an ioctl to disable GC for specific file")
|
|
|
|
// In android-4.4,
|
|
|
|
// 56ee1e817908 ("f2fs: updates on v4.16-rc1")
|
|
|
|
// In android-4.9,
|
|
|
|
// 2f17e34672a8 ("f2fs: updates on v4.16-rc1")
|
|
|
|
// In android-4.14,
|
|
|
|
// ce767d9a55bc ("f2fs: updates on v4.16-rc1")
|
|
|
|
#ifndef F2FS_IOC_SET_PIN_FILE
|
|
|
|
#ifndef F2FS_IOCTL_MAGIC
|
|
|
|
#define F2FS_IOCTL_MAGIC 0xf5
|
|
|
|
#endif
|
|
|
|
#define F2FS_IOC_SET_PIN_FILE _IOW(F2FS_IOCTL_MAGIC, 13, __u32)
|
|
|
|
#define F2FS_IOC_GET_PIN_FILE _IOW(F2FS_IOCTL_MAGIC, 14, __u32)
|
|
|
|
#endif
|
|
|
|
if (f2fs_fs) {
|
|
|
|
int error = ioctl(fd, F2FS_IOC_SET_PIN_FILE);
|
|
|
|
// Don't break the old kernels which don't support it.
|
|
|
|
if (error && errno != ENOTTY && errno != ENOTSUP) {
|
|
|
|
PLOG(ERROR) << "Failed to set pin_file for f2fs: " << path << " on " << blk_dev;
|
|
|
|
return kUncryptIoctlError;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-12-09 07:47:25 +01:00
|
|
|
off64_t pos = 0;
|
2015-05-22 01:44:44 +02:00
|
|
|
int last_progress = 0;
|
2014-01-13 19:04:25 +01:00
|
|
|
while (pos < sb.st_size) {
|
2015-05-22 01:44:44 +02:00
|
|
|
// Update the status file, progress must be between [0, 99].
|
|
|
|
int progress = static_cast<int>(100 * (double(pos) / double(sb.st_size)));
|
|
|
|
if (progress > last_progress) {
|
2016-02-25 21:38:53 +01:00
|
|
|
last_progress = progress;
|
|
|
|
write_status_to_socket(progress, socket);
|
2015-05-22 01:44:44 +02:00
|
|
|
}
|
|
|
|
|
2014-01-13 19:04:25 +01:00
|
|
|
if ((tail+1) % WINDOW_SIZE == head) {
|
|
|
|
// write out head buffer
|
|
|
|
int block = head_block;
|
2016-03-23 04:19:22 +01:00
|
|
|
if (ioctl(fd, FIBMAP, &block) != 0) {
|
2016-09-25 00:31:34 +02:00
|
|
|
PLOG(ERROR) << "failed to find block " << head_block;
|
|
|
|
return kUncryptIoctlError;
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
2016-11-11 22:53:25 +01:00
|
|
|
|
|
|
|
if (block == 0) {
|
|
|
|
LOG(ERROR) << "failed to find block " << head_block << ", retrying";
|
|
|
|
int error = retry_fibmap(fd, path, &block, head_block);
|
|
|
|
if (error != kUncryptNoError) {
|
|
|
|
return error;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-02-01 20:40:37 +01:00
|
|
|
add_block_to_ranges(ranges, block);
|
2014-01-13 19:04:25 +01:00
|
|
|
if (encrypted) {
|
2016-03-23 04:19:22 +01:00
|
|
|
if (write_at_offset(buffers[head].data(), sb.st_blksize, wfd,
|
|
|
|
static_cast<off64_t>(sb.st_blksize) * block) != 0) {
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptWriteError;
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
head = (head + 1) % WINDOW_SIZE;
|
|
|
|
++head_block;
|
|
|
|
}
|
|
|
|
|
|
|
|
// read next block to tail
|
|
|
|
if (encrypted) {
|
2016-02-01 20:40:37 +01:00
|
|
|
size_t to_read = static_cast<size_t>(
|
|
|
|
std::min(static_cast<off64_t>(sb.st_blksize), sb.st_size - pos));
|
2016-03-23 04:19:22 +01:00
|
|
|
if (!android::base::ReadFully(fd, buffers[tail].data(), to_read)) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to read " << path;
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptReadError;
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
2016-02-01 20:40:37 +01:00
|
|
|
pos += to_read;
|
2014-01-13 19:04:25 +01:00
|
|
|
} else {
|
|
|
|
// If we're not encrypting; we don't need to actually read
|
|
|
|
// anything, just skip pos forward as if we'd read a
|
|
|
|
// block.
|
|
|
|
pos += sb.st_blksize;
|
|
|
|
}
|
|
|
|
tail = (tail+1) % WINDOW_SIZE;
|
|
|
|
}
|
|
|
|
|
|
|
|
while (head != tail) {
|
|
|
|
// write out head buffer
|
|
|
|
int block = head_block;
|
2016-03-23 04:19:22 +01:00
|
|
|
if (ioctl(fd, FIBMAP, &block) != 0) {
|
2016-09-25 00:31:34 +02:00
|
|
|
PLOG(ERROR) << "failed to find block " << head_block;
|
|
|
|
return kUncryptIoctlError;
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
2016-11-11 22:53:25 +01:00
|
|
|
|
|
|
|
if (block == 0) {
|
|
|
|
LOG(ERROR) << "failed to find block " << head_block << ", retrying";
|
|
|
|
int error = retry_fibmap(fd, path, &block, head_block);
|
|
|
|
if (error != kUncryptNoError) {
|
|
|
|
return error;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-02-01 20:40:37 +01:00
|
|
|
add_block_to_ranges(ranges, block);
|
2014-01-13 19:04:25 +01:00
|
|
|
if (encrypted) {
|
2016-03-23 04:19:22 +01:00
|
|
|
if (write_at_offset(buffers[head].data(), sb.st_blksize, wfd,
|
|
|
|
static_cast<off64_t>(sb.st_blksize) * block) != 0) {
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptWriteError;
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
head = (head + 1) % WINDOW_SIZE;
|
|
|
|
++head_block;
|
|
|
|
}
|
|
|
|
|
2016-02-01 20:40:37 +01:00
|
|
|
if (!android::base::WriteStringToFd(
|
2016-03-23 04:19:22 +01:00
|
|
|
android::base::StringPrintf("%zu\n", ranges.size() / 2), mapfd)) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to write " << tmp_map_file;
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptWriteError;
|
2016-02-01 20:40:37 +01:00
|
|
|
}
|
|
|
|
for (size_t i = 0; i < ranges.size(); i += 2) {
|
|
|
|
if (!android::base::WriteStringToFd(
|
2016-03-23 04:19:22 +01:00
|
|
|
android::base::StringPrintf("%d %d\n", ranges[i], ranges[i+1]), mapfd)) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to write " << tmp_map_file;
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptWriteError;
|
2016-02-01 20:40:37 +01:00
|
|
|
}
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
|
|
|
|
2016-03-23 04:19:22 +01:00
|
|
|
if (fsync(mapfd) == -1) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to fsync \"" << tmp_map_file << "\"";
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptFileSyncError;
|
2016-02-01 20:40:37 +01:00
|
|
|
}
|
2016-03-23 04:19:22 +01:00
|
|
|
if (close(mapfd.release()) == -1) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to close " << tmp_map_file;
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptFileCloseError;
|
2015-05-04 19:10:13 +02:00
|
|
|
}
|
2016-02-01 20:40:37 +01:00
|
|
|
|
2014-01-13 19:04:25 +01:00
|
|
|
if (encrypted) {
|
2016-03-23 04:19:22 +01:00
|
|
|
if (fsync(wfd) == -1) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to fsync \"" << blk_dev << "\"";
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptFileSyncError;
|
2015-05-04 19:10:13 +02:00
|
|
|
}
|
2016-03-23 04:19:22 +01:00
|
|
|
if (close(wfd.release()) == -1) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to close " << blk_dev;
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptFileCloseError;
|
2016-02-01 20:40:37 +01:00
|
|
|
}
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
|
|
|
|
2016-02-01 20:40:37 +01:00
|
|
|
if (rename(tmp_map_file.c_str(), map_file) == -1) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to rename " << tmp_map_file << " to " << map_file;
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptFileRenameError;
|
2016-02-01 20:40:37 +01:00
|
|
|
}
|
|
|
|
// Sync dir to make rename() result written to disk.
|
|
|
|
std::string file_name = map_file;
|
|
|
|
std::string dir_name = dirname(&file_name[0]);
|
2016-03-23 04:19:22 +01:00
|
|
|
android::base::unique_fd dfd(open(dir_name.c_str(), O_RDONLY | O_DIRECTORY));
|
|
|
|
if (dfd == -1) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to open dir " << dir_name;
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptFileOpenError;
|
2016-02-01 20:40:37 +01:00
|
|
|
}
|
2016-03-23 04:19:22 +01:00
|
|
|
if (fsync(dfd) == -1) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to fsync " << dir_name;
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptFileSyncError;
|
2016-02-01 20:40:37 +01:00
|
|
|
}
|
2016-03-23 04:19:22 +01:00
|
|
|
if (close(dfd.release()) == -1) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to close " << dir_name;
|
2016-09-25 00:31:34 +02:00
|
|
|
return kUncryptFileCloseError;
|
2016-02-01 20:40:37 +01:00
|
|
|
}
|
2014-01-13 19:04:25 +01:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2016-02-25 21:38:53 +01:00
|
|
|
static int uncrypt(const char* input_path, const char* map_file, const int socket) {
|
2016-08-06 03:00:04 +02:00
|
|
|
LOG(INFO) << "update package is \"" << input_path << "\"";
|
2014-08-26 18:15:08 +02:00
|
|
|
|
2017-07-27 20:42:17 +02:00
|
|
|
// Turn the name of the file we're supposed to convert into an absolute path, so we can find
|
|
|
|
// what filesystem it's on.
|
2014-01-13 19:04:25 +01:00
|
|
|
char path[PATH_MAX+1];
|
2017-07-27 20:42:17 +02:00
|
|
|
if (realpath(input_path, path) == nullptr) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to convert \"" << input_path << "\" to absolute path";
|
2017-07-27 20:42:17 +02:00
|
|
|
return kUncryptRealpathFindError;
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
|
|
|
|
2015-05-06 03:36:45 +02:00
|
|
|
bool encryptable;
|
|
|
|
bool encrypted;
|
2017-12-08 22:19:23 +01:00
|
|
|
bool f2fs_fs;
|
|
|
|
const char* blk_dev = find_block_device(path, &encryptable, &encrypted, &f2fs_fs);
|
2017-07-27 20:42:17 +02:00
|
|
|
if (blk_dev == nullptr) {
|
2016-08-06 03:00:04 +02:00
|
|
|
LOG(ERROR) << "failed to find block device for " << path;
|
2017-07-27 20:42:17 +02:00
|
|
|
return kUncryptBlockDeviceFindError;
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
// If the filesystem it's on isn't encrypted, we only produce the
|
|
|
|
// block map, we don't rewrite the file contents (it would be
|
|
|
|
// pointless to do so).
|
2016-08-06 03:00:04 +02:00
|
|
|
LOG(INFO) << "encryptable: " << (encryptable ? "yes" : "no");
|
|
|
|
LOG(INFO) << " encrypted: " << (encrypted ? "yes" : "no");
|
2014-01-13 19:04:25 +01:00
|
|
|
|
2014-09-05 17:22:12 +02:00
|
|
|
// Recovery supports installing packages from 3 paths: /cache,
|
|
|
|
// /data, and /sdcard. (On a particular device, other locations
|
|
|
|
// may work, but those are three we actually expect.)
|
|
|
|
//
|
|
|
|
// On /data we want to convert the file to a block map so that we
|
|
|
|
// can read the package without mounting the partition. On /cache
|
|
|
|
// and /sdcard we leave the file alone.
|
2015-05-22 01:44:44 +02:00
|
|
|
if (strncmp(path, "/data/", 6) == 0) {
|
2016-08-06 03:00:04 +02:00
|
|
|
LOG(INFO) << "writing block map " << map_file;
|
2017-12-08 22:19:23 +01:00
|
|
|
return produce_block_map(path, map_file, blk_dev, encrypted, f2fs_fs, socket);
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|
|
|
|
|
2015-05-22 01:44:44 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2016-09-25 00:31:34 +02:00
|
|
|
static void log_uncrypt_error_code(UncryptErrorCode error_code) {
|
2016-09-25 00:31:34 +02:00
|
|
|
if (!android::base::WriteStringToFile(android::base::StringPrintf(
|
2016-09-25 00:31:34 +02:00
|
|
|
"uncrypt_error: %d\n", error_code), UNCRYPT_STATUS)) {
|
2016-09-25 00:31:34 +02:00
|
|
|
PLOG(WARNING) << "failed to write to " << UNCRYPT_STATUS;
|
|
|
|
}
|
2016-09-25 00:31:34 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
static bool uncrypt_wrapper(const char* input_path, const char* map_file, const int socket) {
|
|
|
|
// Initialize the uncrypt error to kUncryptErrorPlaceholder.
|
|
|
|
log_uncrypt_error_code(kUncryptErrorPlaceholder);
|
2016-09-25 00:31:34 +02:00
|
|
|
|
2016-01-27 01:50:15 +01:00
|
|
|
std::string package;
|
|
|
|
if (input_path == nullptr) {
|
|
|
|
if (!find_uncrypt_package(UNCRYPT_PATH_FILE, &package)) {
|
2016-02-25 21:38:53 +01:00
|
|
|
write_status_to_socket(-1, socket);
|
2016-09-25 00:31:34 +02:00
|
|
|
// Overwrite the error message.
|
2016-09-25 00:31:34 +02:00
|
|
|
log_uncrypt_error_code(kUncryptPackageMissingError);
|
2016-02-25 21:38:53 +01:00
|
|
|
return false;
|
2015-05-22 01:44:44 +02:00
|
|
|
}
|
2016-01-27 01:50:15 +01:00
|
|
|
input_path = package.c_str();
|
|
|
|
}
|
|
|
|
CHECK(map_file != nullptr);
|
2016-09-09 19:55:44 +02:00
|
|
|
|
|
|
|
auto start = std::chrono::system_clock::now();
|
2016-02-25 21:38:53 +01:00
|
|
|
int status = uncrypt(input_path, map_file, socket);
|
2016-09-25 00:31:34 +02:00
|
|
|
std::chrono::duration<double> duration = std::chrono::system_clock::now() - start;
|
|
|
|
int count = static_cast<int>(duration.count());
|
|
|
|
|
|
|
|
std::string uncrypt_message = android::base::StringPrintf("uncrypt_time: %d\n", count);
|
2016-01-27 01:50:15 +01:00
|
|
|
if (status != 0) {
|
2016-09-25 00:31:34 +02:00
|
|
|
// Log the time cost and error code if uncrypt fails.
|
|
|
|
uncrypt_message += android::base::StringPrintf("uncrypt_error: %d\n", status);
|
|
|
|
if (!android::base::WriteStringToFile(uncrypt_message, UNCRYPT_STATUS)) {
|
|
|
|
PLOG(WARNING) << "failed to write to " << UNCRYPT_STATUS;
|
|
|
|
}
|
|
|
|
|
2016-02-25 21:38:53 +01:00
|
|
|
write_status_to_socket(-1, socket);
|
|
|
|
return false;
|
2016-01-27 01:50:15 +01:00
|
|
|
}
|
2016-09-09 19:55:44 +02:00
|
|
|
|
2016-09-25 00:31:34 +02:00
|
|
|
if (!android::base::WriteStringToFile(uncrypt_message, UNCRYPT_STATUS)) {
|
2016-09-09 19:55:44 +02:00
|
|
|
PLOG(WARNING) << "failed to write to " << UNCRYPT_STATUS;
|
|
|
|
}
|
|
|
|
|
2016-02-25 21:38:53 +01:00
|
|
|
write_status_to_socket(100, socket);
|
2016-09-09 19:55:44 +02:00
|
|
|
|
2016-02-25 21:38:53 +01:00
|
|
|
return true;
|
2016-01-27 01:50:15 +01:00
|
|
|
}
|
2015-05-29 23:24:02 +02:00
|
|
|
|
2016-02-25 21:38:53 +01:00
|
|
|
static bool clear_bcb(const int socket) {
|
2016-04-07 00:52:18 +02:00
|
|
|
std::string err;
|
|
|
|
if (!clear_bootloader_message(&err)) {
|
2016-08-06 03:00:04 +02:00
|
|
|
LOG(ERROR) << "failed to clear bootloader message: " << err;
|
2016-02-25 21:38:53 +01:00
|
|
|
write_status_to_socket(-1, socket);
|
|
|
|
return false;
|
2016-01-27 01:50:15 +01:00
|
|
|
}
|
2016-02-25 21:38:53 +01:00
|
|
|
write_status_to_socket(100, socket);
|
|
|
|
return true;
|
2016-01-27 01:50:15 +01:00
|
|
|
}
|
|
|
|
|
2016-02-25 21:38:53 +01:00
|
|
|
static bool setup_bcb(const int socket) {
|
|
|
|
// c5. receive message length
|
|
|
|
int length;
|
|
|
|
if (!android::base::ReadFully(socket, &length, 4)) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to read the length";
|
2016-02-25 21:38:53 +01:00
|
|
|
return false;
|
2016-01-27 01:50:15 +01:00
|
|
|
}
|
2016-02-25 21:38:53 +01:00
|
|
|
length = ntohl(length);
|
|
|
|
|
|
|
|
// c7. receive message
|
2016-01-27 01:50:15 +01:00
|
|
|
std::string content;
|
2016-02-25 21:38:53 +01:00
|
|
|
content.resize(length);
|
|
|
|
if (!android::base::ReadFully(socket, &content[0], length)) {
|
2016-12-13 02:10:20 +01:00
|
|
|
PLOG(ERROR) << "failed to read the message";
|
2016-02-25 21:38:53 +01:00
|
|
|
return false;
|
2016-01-27 01:50:15 +01:00
|
|
|
}
|
2016-08-06 03:00:04 +02:00
|
|
|
LOG(INFO) << " received command: [" << content << "] (" << content.size() << ")";
|
2016-06-09 23:09:39 +02:00
|
|
|
std::vector<std::string> options = android::base::Split(content, "\n");
|
|
|
|
std::string wipe_package;
|
|
|
|
for (auto& option : options) {
|
|
|
|
if (android::base::StartsWith(option, "--wipe_package=")) {
|
|
|
|
std::string path = option.substr(strlen("--wipe_package="));
|
|
|
|
if (!android::base::ReadFileToString(path, &wipe_package)) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to read " << path;
|
2016-06-09 23:09:39 +02:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
option = android::base::StringPrintf("--wipe_package_size=%zu", wipe_package.size());
|
|
|
|
}
|
|
|
|
}
|
2016-02-25 21:38:53 +01:00
|
|
|
|
|
|
|
// c8. setup the bcb command
|
2016-04-07 00:52:18 +02:00
|
|
|
std::string err;
|
2016-06-09 23:09:39 +02:00
|
|
|
if (!write_bootloader_message(options, &err)) {
|
2016-08-06 03:00:04 +02:00
|
|
|
LOG(ERROR) << "failed to set bootloader message: " << err;
|
2016-02-25 21:38:53 +01:00
|
|
|
write_status_to_socket(-1, socket);
|
|
|
|
return false;
|
2016-01-27 01:50:15 +01:00
|
|
|
}
|
2016-06-09 23:09:39 +02:00
|
|
|
if (!wipe_package.empty() && !write_wipe_package(wipe_package, &err)) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to set wipe package: " << err;
|
2016-06-09 23:09:39 +02:00
|
|
|
write_status_to_socket(-1, socket);
|
|
|
|
return false;
|
|
|
|
}
|
2016-02-25 21:38:53 +01:00
|
|
|
// c10. send "100" status
|
|
|
|
write_status_to_socket(100, socket);
|
|
|
|
return true;
|
2016-01-27 01:50:15 +01:00
|
|
|
}
|
2016-01-12 22:54:44 +01:00
|
|
|
|
2016-01-27 01:50:15 +01:00
|
|
|
static void usage(const char* exename) {
|
|
|
|
fprintf(stderr, "Usage of %s:\n", exename);
|
|
|
|
fprintf(stderr, "%s [<package_path> <map_file>] Uncrypt ota package.\n", exename);
|
|
|
|
fprintf(stderr, "%s --clear-bcb Clear BCB data in misc partition.\n", exename);
|
|
|
|
fprintf(stderr, "%s --setup-bcb Setup BCB data by command file.\n", exename);
|
|
|
|
}
|
|
|
|
|
|
|
|
int main(int argc, char** argv) {
|
2016-07-01 00:31:51 +02:00
|
|
|
enum { UNCRYPT, SETUP_BCB, CLEAR_BCB, UNCRYPT_DEBUG } action;
|
2016-02-25 21:38:53 +01:00
|
|
|
const char* input_path = nullptr;
|
|
|
|
const char* map_file = CACHE_BLOCK_MAP.c_str();
|
|
|
|
|
|
|
|
if (argc == 2 && strcmp(argv[1], "--clear-bcb") == 0) {
|
|
|
|
action = CLEAR_BCB;
|
|
|
|
} else if (argc == 2 && strcmp(argv[1], "--setup-bcb") == 0) {
|
|
|
|
action = SETUP_BCB;
|
|
|
|
} else if (argc == 1) {
|
|
|
|
action = UNCRYPT;
|
|
|
|
} else if (argc == 3) {
|
|
|
|
input_path = argv[1];
|
|
|
|
map_file = argv[2];
|
2016-07-01 00:31:51 +02:00
|
|
|
action = UNCRYPT_DEBUG;
|
2016-02-25 21:38:53 +01:00
|
|
|
} else {
|
|
|
|
usage(argv[0]);
|
|
|
|
return 2;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ((fstab = read_fstab()) == nullptr) {
|
2016-09-25 00:31:34 +02:00
|
|
|
log_uncrypt_error_code(kUncryptFstabReadError);
|
2016-02-25 21:38:53 +01:00
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2016-07-01 00:31:51 +02:00
|
|
|
if (action == UNCRYPT_DEBUG) {
|
2016-08-06 03:00:04 +02:00
|
|
|
LOG(INFO) << "uncrypt called in debug mode, skip socket communication";
|
2016-07-01 00:31:51 +02:00
|
|
|
bool success = uncrypt_wrapper(input_path, map_file, -1);
|
|
|
|
if (success) {
|
2016-08-06 03:00:04 +02:00
|
|
|
LOG(INFO) << "uncrypt succeeded";
|
2016-07-01 00:31:51 +02:00
|
|
|
} else{
|
2016-08-06 03:00:04 +02:00
|
|
|
LOG(INFO) << "uncrypt failed";
|
2016-07-01 00:31:51 +02:00
|
|
|
}
|
|
|
|
return success ? 0 : 1;
|
|
|
|
}
|
|
|
|
|
2016-02-25 21:38:53 +01:00
|
|
|
// c3. The socket is created by init when starting the service. uncrypt
|
|
|
|
// will use the socket to communicate with its caller.
|
2016-03-29 21:44:09 +02:00
|
|
|
android::base::unique_fd service_socket(android_get_control_socket(UNCRYPT_SOCKET.c_str()));
|
|
|
|
if (service_socket == -1) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to open socket \"" << UNCRYPT_SOCKET << "\"";
|
2016-09-25 00:31:34 +02:00
|
|
|
log_uncrypt_error_code(kUncryptSocketOpenError);
|
2016-02-25 21:38:53 +01:00
|
|
|
return 1;
|
|
|
|
}
|
2016-03-29 21:44:09 +02:00
|
|
|
fcntl(service_socket, F_SETFD, FD_CLOEXEC);
|
2016-02-25 21:38:53 +01:00
|
|
|
|
2016-03-29 21:44:09 +02:00
|
|
|
if (listen(service_socket, 1) == -1) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to listen on socket " << service_socket.get();
|
2016-09-25 00:31:34 +02:00
|
|
|
log_uncrypt_error_code(kUncryptSocketListenError);
|
2016-02-25 21:38:53 +01:00
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
2016-03-29 21:44:09 +02:00
|
|
|
android::base::unique_fd socket_fd(accept4(service_socket, nullptr, nullptr, SOCK_CLOEXEC));
|
|
|
|
if (socket_fd == -1) {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to accept on socket " << service_socket.get();
|
2016-09-25 00:31:34 +02:00
|
|
|
log_uncrypt_error_code(kUncryptSocketAcceptError);
|
2016-02-25 21:38:53 +01:00
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
bool success = false;
|
|
|
|
switch (action) {
|
|
|
|
case UNCRYPT:
|
2016-03-29 21:44:09 +02:00
|
|
|
success = uncrypt_wrapper(input_path, map_file, socket_fd);
|
2016-02-25 21:38:53 +01:00
|
|
|
break;
|
|
|
|
case SETUP_BCB:
|
2016-03-29 21:44:09 +02:00
|
|
|
success = setup_bcb(socket_fd);
|
2016-02-25 21:38:53 +01:00
|
|
|
break;
|
|
|
|
case CLEAR_BCB:
|
2016-03-29 21:44:09 +02:00
|
|
|
success = clear_bcb(socket_fd);
|
2016-02-25 21:38:53 +01:00
|
|
|
break;
|
|
|
|
default: // Should never happen.
|
2016-08-06 03:00:04 +02:00
|
|
|
LOG(ERROR) << "Invalid uncrypt action code: " << action;
|
2016-02-25 21:38:53 +01:00
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
// c13. Read a 4-byte code from the client before uncrypt exits. This is to
|
|
|
|
// ensure the client to receive the last status code before the socket gets
|
|
|
|
// destroyed.
|
|
|
|
int code;
|
2016-03-29 21:44:09 +02:00
|
|
|
if (android::base::ReadFully(socket_fd, &code, 4)) {
|
2016-08-06 03:00:04 +02:00
|
|
|
LOG(INFO) << " received " << code << ", exiting now";
|
2016-02-25 21:38:53 +01:00
|
|
|
} else {
|
2016-08-06 03:00:04 +02:00
|
|
|
PLOG(ERROR) << "failed to read the code";
|
2015-05-06 03:36:45 +02:00
|
|
|
}
|
2016-02-25 21:38:53 +01:00
|
|
|
return success ? 0 : 1;
|
2014-01-13 19:04:25 +01:00
|
|
|
}
|