Commit graph

166 commits

Author SHA1 Message Date
Tianjie Xu
0188935d55 Skip stashing source blocks in verify mode
Currently block_image_verify() stashes source blocks to /cache and
in some case triggers I/O errors. To avoid this risk, We create
a map from the hash value to the source blocks' range_set. When
executing stash command in verify mode, source range is saved but block
contents aren't stashed. And load_stash could get its value from
either the stashed file from the previous update, or the contents on
the source partition specified by the saved range.

Bug: 27584487
Bug: 25633753
Change-Id: I775baf4bee55762b6e7b204f8294afc597afd996
2016-03-23 15:19:18 -07:00
Jed Estep
f73abf36bc DO NOT MERGE Control fault injection with config files instead of build flags
Bug: 26570379
Change-Id: I76109d09276d6e3ed3a32b6fedafb2582f545c0c
2016-03-16 12:36:57 -07:00
Yabin Cui
1c522df25f applypatch: use vector to store data in FileContents.
Cherry pick this patch because it fixes the problem that
a newed Value is released by free().

Bug: 26906416
Change-Id: Ib53b445cd415a1ed5e95733fbc4073f9ef4dbc43
(cherry picked from commit d6c93afcc2)
2016-03-11 11:11:11 -08:00
Tianjie Xu
fa12b9737d Reboot and retry on I/O errors
When I/O error happens, reboot and retry installation two times
before we abort this OTA update.

Bug: 25633753
Change-Id: Iba6d4203a343a725aa625a41d237606980d62f69
(cherry picked from commit 3c62b67faf)
2016-03-10 11:50:28 -08:00
Yabin Cui
6ab3c817ff Merge "updater: fix memory leak based on static analysis." am: e50d447692
am: 66b02c4ce5

* commit '66b02c4ce5b175451e723c463e6e9d19ab7872fa':
  updater: fix memory leak based on static analysis.
2016-02-05 17:25:49 +00:00
Yabin Cui
64be2135d8 updater: fix memory leak based on static analysis.
Bug: 26907377
Change-Id: I384c0131322b2d12f0ef489735e70e86819846a4
2016-02-04 14:49:06 -08:00
Tao Bao
50aa63f9bd resolve merge conflicts of 7b6027dde4 to master.
Change-Id: I1d5232f61744bb18ca5de3a16a340bc3afd110bb
2016-02-04 11:26:29 -08:00
Sen Jiang
c48cb5e597 Switch from mincrypt to BoringSSL in applypatch and updater.
Bug: 18790686
Change-Id: I7d2136fb39b2266f5ae5be24819c617b08a6c21e
2016-02-04 16:27:43 +08:00
Jed Estep
b1cc5d8434 Merge "IO fault injection for OTA packages" 2016-01-08 23:28:32 +00:00
Tianjie Xu
57bed6d8c9 updater: Add a function to check first block
Add and register a function to check if the device has been remounted
since last update during incremental OTA. This function reads block 0
and executes before partition recovery for version >= 4.

Bug: 21124327
Change-Id: I8b915b9f1d4736b3609daa9d16bd123225be357f
(cherry picked from commit 30bf476559)
2016-01-07 11:19:48 -08:00
Jed Estep
f1fc48c6e6 IO fault injection for OTA packages
Bug: 25951086
Change-Id: I31c74c735eb7a975b7f41fe2b2eff042e5699c0c
2016-01-06 12:23:42 -08:00
Tianjie Xu
30bf476559 updater: Add a function to check first block
Add and register a function to check if the device has been remounted
since last update during incremental OTA. This function reads block 0
and executes before partition recovery for version >= 4.

Bug: 21124327
Change-Id: I8b915b9f1d4736b3609daa9d16bd123225be357f
2015-12-18 13:35:35 -08:00
Tao Bao
d3cac34430 updater: Use O_SYNC and fsync() for package_extract_file().
We are already using O_SYNC and fsync() for the recursive case
(package_extract_dir()). Make it consistent for the single-file case.

Bug: 20625549
Change-Id: I487736fe5a0647dd4a2428845e76bf642e0f0dff
2015-12-14 17:13:34 -08:00
Tianjie Xu
3b010bc393 updater: Output msg when recovery is called
Output messages in log when recovery is attempted or succeeded during
incremental OTA update.

Change-Id: I4033df7ae3aaecbc61921d5337eda26f79164fda
(cherry picked from commit b686ba2114)
2015-12-10 16:20:48 -08:00
Tao Bao
baad2d454d updater: Replace strtok() with android::base::Split().
Change-Id: I36346fa199a3261da1ae1bc310b3557fe1716d96
2015-12-06 16:56:27 -08:00
Elliott Hughes
4b166f0e69 Track rename from base/ to android-base/.
Change-Id: I354a8c424d340a9abe21fd716a4ee0d3b177d86f
2015-12-04 15:30:20 -08:00
Tao Bao
1fdec8685a updater: Bump up the BBOTA version to 4.
To accommodate new changes in N release, such as error correction [1]
and other potential changes to the updater.

[1]: commit 0a7b47397d

Change-Id: I4dd44417d07dd0a31729894628635a0aa1659008
2015-10-22 17:04:28 -07:00
Sami Tolvanen
0a7b47397d Error correction: Use libfec in blockimg.cpp for recovery
Add block_image_recover function to rewrite corrupted blocks on the
partition. This can be attempted if block_image_verify fails.

Note that we cannot use libfec during block_image_update as it may
overwrite blocks required for error correction. A separate recovery
pass in case the image is corrupted is the only viable option.

Bug: 21893453
Change-Id: I6ff25648fff68d5f50b41a601c95c509d1cc5bce
2015-10-19 10:04:38 +01:00
Tao Bao
6a47dffde5 updater: Skip empty lines in the transfer list file.
We have the last line being empty as a result of
android::base::Split("a\nb\n"), which leads to "missing command"
warnings in the update. Just skip all the empty lines.

Bug: 24373789
Change-Id: I5827e4600bd5cf0418d95477e4592fec47bbd3a9
2015-09-25 17:12:28 -07:00
Tao Bao
b15fd224ed updater: Use android::base::ParseInt() to parse integers.
Change-Id: Ic769eafc8d9535b1d517d3dcbd398c3fd65cddd9
2015-09-24 12:14:37 -07:00
Tao Bao
5701d5829d Suppress some compiler warnings due to signedness.
Change-Id: I63f28b3b4ba4185c23b972fc8f93517295b1672a
2015-09-24 11:06:58 -07:00
Tao Bao
a42a322d8f Merge "updater: Manage buffers with std::vector." 2015-09-16 19:12:14 +00:00
Tao Bao
1107d96746 updater: Fix the line breaks in ui_print commands.
When processing ui_print commands in the updater, it misses a line break
when printing to the recovery log.

Also clean up uiPrintf() and UIPrintFn() with std::string's.

Change-Id: Ie5dbbfbc40b024929887d3c3ccd3a334249a8c9d
2015-09-10 10:17:56 -07:00
Tao Bao
612336ddc1 updater: Manage buffers with std::vector.
Change-Id: Ide489e18dd8daf161b612f65b28921b61cdd8d8d
2015-09-09 17:44:23 -07:00
Tao Bao
34847b2c70 updater: Replace the pointers in LoadSrcTgtVersion[1-3]() parameter.
And inline the call to LoadSrcTgtVersion1() into SaveStash().

Change-Id: Ibf4ef2bfa2cc62df59c4e8de99fd7d8039e71ecf
2015-09-08 11:08:00 -07:00
Tao Bao
0940fe17b0 updater: Clean up C codes.
Replace C-string with std::string, pointers with references, and
variable-size arrays in struct with std::vector.

Change-Id: I57f361a0e58286cbcd113e9be225981da56721b2
2015-09-01 12:57:35 -07:00
Tao Bao
9739a2920c updater: Remove the unused isunresumable in SaveStash().
Change-Id: I6a8d9bea4c1cd8ea7b534682061b90e893b227a2
2015-08-25 18:05:38 -07:00
Shrinivas Sahukar
a6153df887 GOOGLEGMS-749 Fix integer overflow while applying block based OTA package
There is an integer overflow when the size of system goes beyond the
signed int limits. Hence changing pos to size_t.

Change-Id: I6e5e1b2f0e72030b30a6df09a01642f4c82abc79
2015-08-21 15:59:28 -07:00
Tao Bao
e6aa3326c1 updater: Clean up char* with std::string.
So we can remove a few free()s. And also replace a few pointers with
references.

Change-Id: I4b6332216704f4f9ea4a044b8d4bb7aa42a7ef26
2015-08-06 13:05:00 -07:00
Tao Bao
dc3922622a udpater: Call fsync() after rename().
We need to ensure the renamed filename reaches the underlying storage.

Bug: 22840552
Change-Id: Ide2e753a2038691d472b6ee173cbf68ac998a084
2015-08-03 21:35:05 -07:00
Tao Bao
187efff6f3 updater: Hoist fsync() to outer loop.
Currently the fsync() inside write_all() may be called multiple times
when performing a command. Move that to the outer loop and call it
only after completing the command.

Also remove the O_SYNC flag when writing a stash.

Change-Id: I71e51d76051a2f7f504eef1aa585d2cb7a000d80
2015-07-27 14:17:09 -07:00
Tao Bao
ba8a6789f7 updater: libapplypatch needs libbase now.
Change-Id: I18da9e6da64fccab495dc5a96e3efd95cc6d88bf
(cherry picked from commit 1b1ea17d55)
2015-07-24 11:09:36 -07:00
Tao Bao
ba9a42aa7e recovery: Switch applypatch/ and updater/ to cpp.
Mostly trivial changes to make cpp compiler happy.

Change-Id: I69bd1d96fcccf506007f6144faf37e11cfba1270
2015-07-13 17:21:31 -07:00
Tao Bao
9c67aa2d2b Revert "Zero blocks before BLKDISCARD"
This reverts commit b65f0272c8.

It slows down the update too much on some devices (e.g. increased
from 8 mins to 40 mins to take a full OTA update).

Bug: 22129621
Change-Id: I016e3b47313e3113f01bb4f8eb3c14856bdc35e5
(cherry picked from commit 7125f9594d)
2015-07-11 08:35:55 -07:00
Tao Bao
c0f56ad766 More accurate checking for overlapped ranges.
A RangeSet has half-closed half-open bounds. For example, "3,5" contains
blocks 3 and 4. So "3,5" and "5,7" are actually not overlapped.

Bug: 22098085
Change-Id: I75e54a6506f2a20255d782ee710e889fad2eaf29
2015-06-25 17:07:45 -07:00
Sami Tolvanen
a3c75e3ea6 Zero blocks before BLKDISCARD
Due to observed BLKDISCARD flakiness, overwrite blocks that we want
to discard with zeros first to avoid later issues with dm-verity if
BLKDISCARD is not successful.

Bug: 20614277
Bug: 20881595
Change-Id: I4f6f2db39db990879ff10468c9db41606497bd6f
2015-06-10 17:09:48 +01:00
Sami Tolvanen
e82fa18d3d Revert "Zero blocks before BLKDISCARD"
This reverts commit 96392b97f6.

Change-Id: I77acc27158bad3cd8948390a3955197646a43a31
2015-06-10 15:58:12 +00:00
Sami Tolvanen
96392b97f6 Zero blocks before BLKDISCARD
Due to observed BLKDISCARD flakiness, overwrite blocks that we want
to discard with zeros first to avoid later issues with dm-verity if
BLKDISCARD is not successful.

Bug: 20614277
Bug: 20881595
Change-Id: I0280fe115b020dcab35f49041fb55b7f8e793da3
2015-06-09 21:57:06 +01:00
Tao Bao
80e46e08de recovery: Switch to clang
And a few trival fixes to suppress warnings.

Change-Id: I38734b5f4434643e85feab25f4807b46a45d8d65
2015-06-03 11:30:03 -07:00
Tao Bao
1eb9003b77 Fix build: fprintf without modifier
Change-Id: I66ae21a25a25fa3c70837bc54a7d406182d4cf37
2015-06-03 09:55:38 -07:00
Tao Bao
a69e608a52 Merge "Log update outputs in order" 2015-06-03 16:15:50 +00:00
Tao Bao
b6918c7c43 Log update outputs in order
Although stdout and stderr are both redirected to log file with no
buffering, we are seeing some outputs are mixed in random order.
This is because ui_print commands from the updater are passed to the
recovery binary via a pipe, which may interleave with other outputs
that go to stderr directly.

In recovery, adding ui::PrintOnScreenOnly() function to handle
ui_print command, which skips printing to stdout. Meanwhile, updater
prints the contents to stderr in addition to piping them to recovery.

Change-Id: Idda93ea940d2e23a0276bb8ead4aa70a3cb97700
2015-06-02 22:15:40 -07:00
Elliott Hughes
1441a9654f Merge "Really don't use TEMP_FAILURE_RETRY with close in recovery." 2015-05-29 18:02:57 +00:00
Elliott Hughes
b3ac676192 Really don't use TEMP_FAILURE_RETRY with close in recovery.
I missed one last time.

Bug: http://b/20501816
Change-Id: I9896ee2704237d61ee169f898680761e946e0a56
2015-05-28 23:06:17 -07:00
Sami Tolvanen
cc2428c818 Handle BLKDISCARD failures
In the block updater, if BLKDISCARD fails, the error is silently
ignored and some of the blocks may not be erased. This means the
target partition will have inconsistent contents.

If the ioctl fails, return an error and abort the update.

Bug: 20614277
Change-Id: I33867ba9337c514de8ffae59f28584b285324067
2015-05-28 09:09:02 +01:00
Dan Albert
e49a9e527a Stop using libstdc++.
These are already getting libc++, so it isn't necessary. If any of the
other static libraries (such as adb) use new or delete from libc++,
there will be symbol collisions.

Change-Id: I55e43ec60006d3c2403122fa1174bde06f18e09f
2015-05-19 11:33:18 -07:00
Sami Tolvanen
6253753ab9 Merge "Add error and range checks to parse_range" 2015-05-18 08:08:54 +00:00
Elliott Hughes
b47afedb42 Don't use TEMP_FAILURE_RETRY on close in recovery.
Bug: http://b/20501816
Change-Id: I35efcd8dcec7a6492ba70602d380d9980cdda31f
2015-05-15 16:19:20 -07:00
Sami Tolvanen
f2bac04e1b Add error and range checks to parse_range
Only trusted input is passed to parse_range, but check for invalid
input to catch possible problems in transfer lists.

Bug: 21033983
Bug: 21034030
Bug: 21034172
Bug: 21034406
Change-Id: Ia17537a2d23d5f701522fbc42ed38924e1ee3366
2015-05-15 18:48:28 +01:00
Elliott Hughes
7bad7c4646 Check all lseek calls succeed.
Also add missing TEMP_FAILURE_RETRYs on read, write, and lseek.

Bug: http://b/20625546
Change-Id: I03b198e11c1921b35518ee2dd005a7cfcf4fd94b
2015-04-29 17:46:43 -07:00