On 32bit devices, an ZipEntry64 may have size > 2^32, we should check
for such cases before attempting to allocate memory.
Test: mm -j
Change-Id: I0f916ef4b2a692f167719a74bd6ff2e887c6c2ce
There's already library support for zip64 in libziparchive. We just need
to start using the new APIs.
Bug: 167951876
Test: Sideload a large ota package in recovery
Change-Id: I652741965f28de079d873c6822317ee9fa855201
Implement the simulator runtime and build the updater simulator as a host
executable. The code to parse the target-files and mocks the block devices
will be submitted in the follow-up.
Bug: 131911365
Test: unit tests pass
Change-Id: Ib1ba939aec8333ca68a45139514d772ad7a27ad8
Remove some unnecessary includes or forward declarations. And include
the correct headers to build host executables.
Bug: 131911365
Test: unit tests pass
Change-Id: I62e75f60678159fe24619a4bd386b1416f1a5b5d
This class adds a wrapper to the runtime dependent functions. Therefore,
the behavior of update on device stays the same, while simulators can
have their own implementations. Also change the caller side of the
registered updater functions to call these runtime wrappers.
Bug: 131911365
Test: unit tests pass, sideload an update on cuttlefish
Change-Id: Ib3ab67132991d67fc132f27120e4152439d16ac5
The UpdaterInfo class is merely a collection of pointers and POD types.
We can replace it with a Updater class that has the ownership of the
resources. This also makes this class extensible as we plan to add more
functionality in the host simulator.
Bug: 131911365
Test: unit tests pass, run an update on cuttlefish and check last_install
Change-Id: I07ca5963bbee8ae3cb85ccc184464910aa73d4e4
Test: sideload full OTA on cuttlefish
Test: sideload incremental OTA on cuttlefish (that grows
system, shrinks vendor, and move vendor to group foo)
Test: verify that /cache/recovery/cc46ebfd04058569d0c6c1431c6af6c1328458e4
exists (sha1sum of "system")
Bug: 111801737
Change-Id: Ibdf6565bc1b60f3665c01739b4c95a85f0261ae5
Now it's less beneficial to inject I/O faults since we don't see many of
them. Remove the library that mocks I/O failures. And switch to android::base
I/O when possible.
Bug: 113032079
Test: unit tests pass
Change-Id: I9f2a92b7ba80f4da6ff9e2abc27f2680138f942c
Also simplify the helper function expect() in {edify,updater}_test.cpp.
Test: Run recovery_component_test on marlin.
Change-Id: If54febba4b5013f6d71546318a1ca6b635204ac8
We have a general need for overriding more paths (e.g. "/tmp"), mostly
for testing purpose. Rename CacheLocation to Paths, and use that to
manage TEMPORARY_{INSTALL,LOG}_FILE.
Test: mmma -j bootable/recovery
Test: recovery_component_test
Change-Id: Ia8ce8e5695df37ca434f13ac4d3206de1e8e9396
Otherwise the applypatch executable will fail to back up the source
file to /cache when patching the recovery image.
Bug: 74198354
Test: run applypatch from boot to recovery
Change-Id: I6e5b9cd06d6ed0b26066b779a348437ecf984b92
This class allows us to set the following locations dynamically:
cache_temp_source, last_command_file, stash_directory_base.
In the updater's main function, we reset the values of these variables
to their default locations in /cache; while we can set them to temp
files in unit tests or host simulation.
Test: unit tests pass
Change-Id: I528652650caa41373617ab055d41b1f1a4ec0f87
This reverts commit 26436d6d60 to re-land
"Move error_code.h into otautil.".
This way it stops requiring relative path ".." in LOCAL_C_INCLUDES
(uncrypt and edify). Soong doesn't accept non-local ".." in
"local_include_dirs".
This CL needs to land with device-specific module changes (e.g. adding
the dependency on libotautil).
Test: lunch aosp_{angler,bullhead,dragon,fugu,sailfish}-userdebug;
mmma bootable/recovery
Change-Id: If193241801af2dae73eccd31ce57cd2b81c9fd96
Use forward declartion to avoid pull in the module that contains
error_code.h (trying to move it into libotautil). Otherwise all the
modules that include "edify/expr.h" need to depend on the module that
exports error_code.h.
.cpp sources should include "error_code.h" explicitly to use the enums.
Test: lunch aosp_{angler,bullhead,dragon,fugu,sailfish}-userdebug;
mmma bootable/recovery
Change-Id: Ic82db2746c7deb866e8cdfb3c57e0b1ecc71c4dc
Fixed by Loading the file_contexts specified in libselinux, whereas
previously recovery loaded /file_contexts which no longer exists.
Bug: 62587423
Test: build and flash recovery on Angler. Warning is gone.
Test: Wipe data and cache.
Test: sideload OTA
Change-Id: I11581c878b860ac5f412e6e8e7acde811f37870f
(cherry picked from commit 2330dd8733)
We have seen one case when bspatch failed likely due to patch
corruption. Since the package has passed verification before, we want
to reboot and retry the patch command again since there's no
alternative for users.
We won't delete the stash before reboot, and the src has passed SHA1
check. If there's an error on the patch, it will fail the package
verification during retry.
Bug: 37855643
Test: angler reboots and retries the update when bspatch fails.
Change-Id: I2ebac9621bd1f0649bb301b9a28a0dd079ed4e1d
We didn't report error/cause codes unless there's an explict "Abort()"
call inside the updater script. As a result, some cause codes set by
ErrorAbort() didn't show up in last_install.
To fix the issue, add a default error code when the script terminates
abnormally (i.e. with non zero status).
Bug: 37912405
Test: error/cause code shows up in last_install when argument parsing fails
Change-Id: Ic6d3bd1855b853aeaa0760071e593a00cf6f0209
And switch them to std::vector & std::unique_ptr
Bug: 32117870
Test: recovery tests passed on sailfish
Change-Id: I5a45951c4bdf895be311d6d760e52e7a1b0798c3
Currently the ui_print command between the recovery and updater doesn't
append newline. Updater has to send an extra "ui_print" command without
any argument to get the line break. This looks unnecessary. And not all
the callers (including the ones in bootable/recovery) are following this
protocol when sending the ui_print command.
This CL simplifies the protocol to always print with a newline for
ui_print command. When updating from an old recovery with the new
updater, all the ui_print'd strings would appear in one line as a side
effect. But a) it would only affect the text-mode UI, which won't be
shown to users; b) log files won't be affected.
Bug: 32305035
Test: Apply an update with the new updater on top of an old and new
recovery image respectively.
Change-Id: I305a0ffc6f180daf60919cf99d24d1495d68749b
We could inject I/O faults during an OTA update for test purpose. But we
should skip the injection if the update is an retry. Otherwise the
update test will simply keeps failing.
Bug: 34159970
Test: Apply the same package on angler and the update succeeds on the 2nd try.
Change-Id: Id274e5475e3bc8d25d50a8cf61a77d2e32c569d6
Clean up the duplicated codes that handle the zip files in
bootable/recovery; and rename the library of the remaining
utility functions to libotautil.
Test: Update package installed successfully on angler.
Bug: 19472796
Change-Id: Iea8962fcf3004473cb0322b6bb3a9ea3ca7f679e
Changing the field of 'Value' in edify to std::string from char*.
Meanwhile cleaning up the users of 'Value' and switching them to
cpp style.
Test: compontent tests passed.
Bug: 31713288
Change-Id: Iec5a7d601b1e4ca40935bf1c70d325dafecec235
- Remove dead declarations in expr.h: SetError(), GetError(),
ClearError().
- Remove the declaration of Build() out of expr.h.
- Use std::unordered_map to implement RegisterFunction() and
FindFunction(); kill FinishRegistration().
- Add a testcase for calling unknown functions.
Test: mmma bootable/recovery; recovery_component_test passes.
Change-Id: I9af6825ae677f92b22d716a4a5682f58522af03b
So that we can write native tests for updater functions. This CL adds a
testcase for getprop() function.
Test: mmma bootable/recovery; Run recovery_component_test on device.
Change-Id: Iff4c1ff63c5c71aded2f9686fed6b71cc298c228
This way we kill a few strdup() and free() calls.
Test: 1. recovery_component_test still passes;
2. Applying an update with the new updater works;
3. The error code in a script with abort("E310: xyz") is recorded into
last_install correctly.
Change-Id: Ibda4da5937346e058a0d7cc81764d6f02920010a
If the update is a retry, ioctl(BLKDISCARD) the destination blocks before
writing to these blocks.
Bug: 28990135
Change-Id: I1e703808e68ebb1292cd66afd76be8fd6946ee59
Write error code, cause code, and retry count into last_install. So we
can have more information about the reason of a failed OTA.
Example of new last_install:
@/cache/recovery/block.map package name
0 install result
retry: 1 retry count (new)
error: 30 error code (new)
cause: 12 error cause (new)
Details in:
go/android-ota-errorcode
Bug: 28471955
Change-Id: I00e7153c821e7355c1be81a86c7f228108f3dc37
When I/O error happens, reboot and retry installation two times
before we abort this OTA update.
Bug: 25633753
Change-Id: Iba6d4203a343a725aa625a41d237606980d62f69
(cherry picked from commit 3c62b67faf)
When I/O error happens, reboot and retry installation two times
before we abort this OTA update.
Bug: 25633753
Change-Id: Iba6d4203a343a725aa625a41d237606980d62f69
