The Pixel 2 system images release was a bit of a disaster because anyone
using an old version of fastboot would blindly flash too few partitions,
potentially bricking their device. This change lets us add a line to
the android-info.txt file for a device with a new partition.
Also error out sooner in such cases by checking the requirements
immediately, rather than optimistically unpacking everything first.
Switch Action over to C++ to fix memory issues.
Bug: http://b/77158188 (partition checking)
Bug: http://b/74444116 (error out sooner)
Test: manual testing with a modified android-info.txt
Change-Id: I58b426cad410107e368f35f5725216d07281dd97
Before:
extracting android-info.txt (0 MB)...
extracting boot.img (29 MB)...
target reported max download size of 536870912 bytes
archive does not contain 'boot.sig'
archive does not contain 'boot_other.img'
archive does not contain 'dtbo.img'
archive does not contain 'dt.img'
archive does not contain 'recovery.img'
extracting system.img (1928 MB)...
archive does not contain 'system.sig'
extracting system_other.img (574 MB)...
archive does not contain 'system.sig'
archive does not contain 'vbmeta.img'
After:
extracting android-info.txt (0 MB) to RAM...
extracting boot.img (29 MB) to disk... took 0.232s
target reported max download size of 536870912 bytes
archive does not contain 'boot.sig'
archive does not contain 'boot_other.img'
archive does not contain 'dtbo.img'
archive does not contain 'dt.img'
archive does not contain 'recovery.img'
extracting system.img (1928 MB) to disk... took 10.122s
archive does not contain 'system.sig'
extracting system_other.img (574 MB) to disk... took 3.424s
archive does not contain 'system.sig'
archive does not contain 'vbmeta.img'
Bug: http://b/69128980
Test: ran manually
Change-Id: Ib190d1cc56ad9da06a4f9a9e822f7dad4a9a53b7
Couldn't parse erase-block-size '0x'.
Couldn't parse logical-block-size '0x'.
mke2fs 1.43.3 (04-Sep-2016)
...
Some bootloaders explicitly return error on failed query (e.g. walleye),
while others return empty message (e.g. bullhead). We should just return
zero for empty message, instead of giving a misleading parsing error.
Test: `fastboot format userdata` on bullhead, with no parsing error.
Test: `fastboot format userdata` on walleye still works.
Change-Id: I194d41d24679929eccc65bfe895d6ab2a26315b7
Erase block sizes smaller than the ext4 block size may be valid, but
can incorrectly result in a stripe width smaller than the stride
size. Instead of reporting these sizes as invalid, add a check to
enforce that raid_stripe_width >= raid_stride.
Bug: 68770797
Test: Hack fb_getvar to report small erase block size, run fastboot
-w and confirm it does not print a warning or set stripe_width smaller
than stride.
Signed-off-by: Connor O'Brien <connoro@google.com>
Change-Id: I689ce4bdd5b38bd0952bb6de54785cca39176010
Previously fastboot would carry on regardless if decompression failed:
fastboot: archive does not contain 'vbmeta.img'
fastboot: extracting vendor.img (260 MB)...
fastboot: W/ziparchive(56777): Zip: unable to allocate 272781472 bytes at offset 0 : No space left on device
fastboot: failed to extract 'vendor.img': I/O error
fastboot: archive does not contain 'vendor_other.img'
fastboot: wiping userdata...
This is because all but "boot" and "system" are considered "optional",
and the implementation of "optional" was "ignore any failures". What it
_should_ have meant was "it's okay if these don't exist, but if they do,
failures matter".
Fix this logic, use die() more aggressively, and remove spurious "\n"s
from die() format strings.
Also fix spurious whitespace in the libziparchive format string. Before:
Zip: unable to allocate 272781472 bytes at offset 0 : No space left on device
After:
Zip: unable to allocate 272781472 bytes at offset 0: No space left on device
Bug: http://b/68383022
Test: `fastboot update` on marlin
Change-Id: I3cbf55f1a33ca125f293f873eafbcfb86c880ba8
we don't want to continue fastboot process if failed to
generate fs image. Print an error message and exit early.
Bug: 64915319
Change-Id: I5506d2a7a5063c188685633d6c3890239f9d658e
This can be used to disable verity and/or verification when flashing a
build to a device. It works with both 'fastboot flashall' and
'fastboot flash vbmeta /path/to/vbmeta.img'.
Bug: 62903976
Test: Manually tested.
Change-Id: Iad22d42a9dd5befd70ecd0224803721a10a28d90
mke2fs tool takes a filename and has its own open function to handle
output file. Change fastboot in preparation to switch from make_ext4
to mke2fs.
Test: fastboot format:ext4 userdata
Bug: 35219933
Change-Id: I7a31cb215f443a4a7cb0bfc23ec28c121a6101e6
Annoyingly folks parse the "adb --version" output so we have the
less-interesting protocol version first. But at least now we'll
have the "real" version somewhere...
Bug: N/A
Test: "adb --version"/"fastboot --version"
Change-Id: Ia85b561bd8d84c6fd6995923730d36f53b2f800b
Only show all the help if asked to, and have a few more descriptive
syntax errors.
Also show the help on stdout rather than stderr.
Bug: N/A
Test: manually ran "fastboot flash"/"fastboot update"/"fastboot flashall"
Change-Id: I59abd60e58a56fe7e44da5116a702087c36e14ce
(cherry-picked from internal nyc-iot-dev to AOSP)
New user-level command usage:
* fastboot get_staged <outfile>
Reads staged data from the last command handled by the device. If the
last command did not result in staged data, this command will fail.
This enables data staged by OEM commands to be transferred from device
to host. get_staged wraps new device command "upload". Fastboot
clients are not required to support "upload", so get_staged won't
work on all devices.
Bug: 36002804
Test: Implemented "upload" in fastboot on imx6ul. Verified that uploading
~100K data from the device works.
Change-Id: I5b1a1ce023f362062505ee62746ea8ab6f36bfbf
(cherry-picked from commit 83a875de994bf48f0faa2a8a23ceb0b8f52b6b04)
(cherry-picked from internal nyc-iot-dev to AOSP)
New user-level command usage:
* fastboot stage <infile>
Sends the contents of <infile> to the device to stage for use in the
next command.
This enables OEM commands to use data downloaded from host to device.
Bug: 35811075
Test: Manual test on imx6ul
Change-Id: I483a18f9f4205d3289ee524656b9d741b16e9fe6
(cherry-picked from commit 001c75c6c0fe6a70a1db2a65253ab3c43ec17d46)
Adding methods to queue and download flashable images by fd instead of
by pointer, so that we can deal with sending large (up to 4GB) files
on windows and linux. This gets past limitations on linux to read
more than 2GB from a file at a time, as well as memory limitations
on win32, in order to download up to 4GB in a single transfer.
Test: fastboot -w
Test: "flash-all" from nexus factory images site (incl. fastboot -w update)
Test: fastboot flash with large and small image, large and small max-download-size
Test: Sanity check flashing on win32, darwin, linux.
Test: Sanity check 3GB image download (with 3GB max-download-size)
on win32, darwin, linux.
Bug: 36810152
Change-Id: I528d739d344eb080d59d721dadf3b3b34d4b375e
This is required for large (>INT_MAX) sparse limit reported by
the target.
Also, patch up return chains of "int" that need to deal with sizes
bigger than 2GB as well as return negative error codes.
Test: -S works with large max-download-size
Test: Flash 3GB system.img with max-download-size 2.5GB
Bug: 36810152
Change-Id: I562a50eabd706bd5b97c71a1aef07c1ffd1a2e5c
Not sure how this code got missed when we moved everything else off
C string handling...
$ adb reboot bootloader
$ fastboot oem `perl -e 'print "x"x1024;'`
Before:
<crashes>
After:
error: Command length (1028) exceeds maximum size (64)
(The error says 1028 instead of 1024 because it includes the "oem ".)
Bug: http://b/36232671
Test: fastboot oem `perl -e 'print "x"x1024;'`
Change-Id: Ib4664e49222bd2b71be5aa3fe81f386d6073414f
If the bootloader provides erase-block-size and logical-block-size
getvar variables, then pass these to libext4_utils when building a new
userdata image. This info is used to tune stride and stripe-width.
Bug: 33243520
Test: Modify fb_getvar to return values for "erase-block-size" and
"logical-block-size" and check that fastboot -w sets userdata
parameters correctly.
Signed-off-by: Connor O'Brien <connoro@google.com>
Change-Id: Id48b7a3ebb9074983a4422a79a64dcb437c0f888
Fix a crash when running "fastboot reboot bootloader"
Test: Manual run "fastboot reboot bootloader" and "fastboot reboot emergency"
Change-Id: I6d163a5b640afcae1dfa606f409e23ec5f499184
Legacy A/B implementations use _a and _b slot names, but currently the
set_active command is unconditionally stripping the _ prefix. This CL
adds some code to add the _ back in if connected to a legacy A/B
implementation.
This isn't a complete fix (there are other places in the code that also
unconditionally strip the prefix) but is sufficient for Android Things
use case, and we want to keep this change as small and safe as possible
to avoid breaking anything else.
Bug: http://b/32996227
Test: `fastboot set_active _a` and `fastboot set_active a` works on
both AndroidThings Edison board and Marlin.
Test: AndroidThings Edison flashall script now completes successfully.
Change-Id: I1a07e48b9e2726f386e9ece5267a9f1d8edefe22
Add a flag to fastboot that will cause it to not reboot the device after
performing commands like update and flashall.
Fixed: 31743001
Test: run fastboot update with and without --skip-reboot flag
Change-Id: I7f4056249a52779c7fc752c9d1009a58a44762df
We'd long had two copies of this stuff, so rather than rewrite both
Linux versions to use android::base::Readlink, let's kill the duplication
too...
Bug: http://b/30988271
Change-Id: I4de58a94a22a4b1faf969a6fc70ca1560a4d5121
The skip-secondary flag now replaces flash-primary. This flag will
skip over the secondary images for both flashall and update.
Change-Id: I9f380f3195006d325d6c45776bf79ecec17506ad
(cherry-picked from commit e180929866)
Slots are now referred to as a and b instead
of _a and _b. For the moment, _a and _b will
still be supported. For old devices that
support A/B, they are assumed to have 2 slots.
Bug: 29643845
Change-Id: Ieab6bed7b4977d8386dcec0afa434371f54bd63f
(cherry-picked from commit 563fcf6f69)
Fastboot update and flashall will now flash secondary
images if provided, and if the --slot flag is not set
to 'all'. Also added flash-primary to preserve the
previous behavior, and flash-secondary to just flash
the secondary images.
Fixes from: I5bd2de1c1e0e6224a195b566f7dcbe383555a80a
Bug: 29278988
Change-Id: Ia870e4be55617c0eefa4e1381287f8cd14affe7e
(cherry-picked from commit 6c98509c34)
Some devices will report an error string as a value
when unknown variables are queried. This can lead to
unexpected behavior, so we attempt to detect this case
by seeing if the suffix list doesn't make sense.
Change-Id: I939b1e01c40ddc05d881fd54423406db250cc8e5
(cherry-picked from commit 190d968414)
If the device has previously failed to boot, and the current slot is
marked as unbootable, we must call set_active to reenable the slot.
Bug: 29827625
Change-Id: I8b723dda80e246b48e5967aff4503c3d120bfb9b
(cherry-picked from commit 9c9a6c62e5)
This is probably not very significant in this standalone tool,
but makes it easier for us to find leaks in our other system
code via static analysis.
(cherry-pick of 407a2195391685627e6be947491041ae3c8cbe61.)
Change-Id: I4e14cadc1e53bac0848e0e0c7f531f920e43cb0a
