diff options
| -rw-r--r-- | Android.mk | 15 | ||||
| -rw-r--r-- | applypatch/Android.mk | 4 | ||||
| -rw-r--r-- | applypatch/applypatch.c | 42 | ||||
| -rw-r--r-- | applypatch/applypatch.h | 9 | ||||
| -rw-r--r-- | applypatch/main.c | 2 | ||||
| -rw-r--r-- | bootloader.c | 167 | ||||
| -rw-r--r-- | common.h | 13 | ||||
| -rw-r--r-- | default_recovery_ui.c | 2 | ||||
| -rw-r--r-- | encryptedfs_provisioning.c | 9 | ||||
| -rw-r--r-- | install.c | 15 | ||||
| -rw-r--r-- | minelf/Android.mk | 27 | ||||
| -rw-r--r-- | minelf/Retouch.c | 406 | ||||
| -rw-r--r-- | minelf/Retouch.h | 51 | ||||
| -rw-r--r-- | recovery.c | 139 | ||||
| -rw-r--r-- | recovery_ui.h | 3 | ||||
| -rw-r--r-- | roots.c | 391 | ||||
| -rw-r--r-- | roots.h | 38 | ||||
| -rw-r--r-- | test_roots.c | 81 | ||||
| -rw-r--r-- | updater/Android.mk | 3 | ||||
| -rw-r--r-- | updater/install.c | 124 |
20 files changed, 1196 insertions, 345 deletions
diff --git a/Android.mk b/Android.mk index e6c354759..e8e7a79ab 100644 --- a/Android.mk +++ b/Android.mk @@ -15,6 +15,8 @@ LOCAL_SRC_FILES := \ verifier.c \ encryptedfs_provisioning.c +LOCAL_SRC_FILES += test_roots.c + LOCAL_MODULE := recovery LOCAL_FORCE_STATIC_EXECUTABLE := true @@ -22,6 +24,14 @@ LOCAL_FORCE_STATIC_EXECUTABLE := true RECOVERY_API_VERSION := 3 LOCAL_CFLAGS += -DRECOVERY_API_VERSION=$(RECOVERY_API_VERSION) +LOCAL_STATIC_LIBRARIES := + +ifeq ($(TARGET_USERIMAGES_USE_EXT4), true) +LOCAL_CFLAGS += -DUSE_EXT4 +LOCAL_C_INCLUDES += system/extras/ext4_utils +LOCAL_STATIC_LIBRARIES += libext4_utils libz +endif + # This binary is in the recovery ramdisk, which is otherwise a copy of root. # It gets copied there in config/Makefile. LOCAL_MODULE_TAGS suppresses # a (redundant) copy of the binary in /system/bin for user builds. @@ -29,19 +39,15 @@ LOCAL_CFLAGS += -DRECOVERY_API_VERSION=$(RECOVERY_API_VERSION) LOCAL_MODULE_TAGS := eng -LOCAL_STATIC_LIBRARIES := ifeq ($(TARGET_RECOVERY_UI_LIB),) LOCAL_SRC_FILES += default_recovery_ui.c else LOCAL_STATIC_LIBRARIES += $(TARGET_RECOVERY_UI_LIB) endif -LOCAL_STATIC_LIBRARIES += libext4_utils libz LOCAL_STATIC_LIBRARIES += libminzip libunz libmtdutils libmincrypt LOCAL_STATIC_LIBRARIES += libminui libpixelflinger_static libpng libcutils LOCAL_STATIC_LIBRARIES += libstdc++ libc -LOCAL_C_INCLUDES += system/extras/ext4_utils - include $(BUILD_EXECUTABLE) @@ -61,6 +67,7 @@ include $(BUILD_EXECUTABLE) include $(commands_recovery_local_path)/minui/Android.mk +include $(commands_recovery_local_path)/minelf/Android.mk include $(commands_recovery_local_path)/minzip/Android.mk include $(commands_recovery_local_path)/mtdutils/Android.mk include $(commands_recovery_local_path)/tools/Android.mk diff --git a/applypatch/Android.mk b/applypatch/Android.mk index e91e4bf88..eff1d77b3 100644 --- a/applypatch/Android.mk +++ b/applypatch/Android.mk @@ -31,7 +31,7 @@ include $(CLEAR_VARS) LOCAL_SRC_FILES := main.c LOCAL_MODULE := applypatch LOCAL_C_INCLUDES += bootable/recovery -LOCAL_STATIC_LIBRARIES += libapplypatch libmtdutils libmincrypt libbz +LOCAL_STATIC_LIBRARIES += libapplypatch libmtdutils libmincrypt libbz libminelf LOCAL_SHARED_LIBRARIES += libz libcutils libstdc++ libc include $(BUILD_EXECUTABLE) @@ -43,7 +43,7 @@ LOCAL_MODULE := applypatch_static LOCAL_FORCE_STATIC_EXECUTABLE := true LOCAL_MODULE_TAGS := eng LOCAL_C_INCLUDES += bootable/recovery -LOCAL_STATIC_LIBRARIES += libapplypatch libmtdutils libmincrypt libbz +LOCAL_STATIC_LIBRARIES += libapplypatch libmtdutils libmincrypt libbz libminelf LOCAL_STATIC_LIBRARIES += libz libcutils libstdc++ libc include $(BUILD_EXECUTABLE) diff --git a/applypatch/applypatch.c b/applypatch/applypatch.c index fd8153aec..106091386 100644 --- a/applypatch/applypatch.c +++ b/applypatch/applypatch.c @@ -30,16 +30,21 @@ #include "mtdutils/mtdutils.h" #include "edify/expr.h" -static int SaveFileContents(const char* filename, FileContents file); +int SaveFileContents(const char* filename, FileContents file); static int LoadPartitionContents(const char* filename, FileContents* file); int ParseSha1(const char* str, uint8_t* digest); static ssize_t FileSink(unsigned char* data, ssize_t len, void* token); static int mtd_partitions_scanned = 0; -// Read a file into memory; store it and its associated metadata in -// *file. Return 0 on success. -int LoadFileContents(const char* filename, FileContents* file) { +// Read a file into memory; optionally (retouch_flag == RETOUCH_DO_MASK) mask +// the retouched entries back to their original value (such that SHA-1 checks +// don't fail due to randomization); store the file contents and associated +// metadata in *file. +// +// Return 0 on success. +int LoadFileContents(const char* filename, FileContents* file, + int retouch_flag) { file->data = NULL; // A special 'filename' beginning with "MTD:" or "EMMC:" means to @@ -75,6 +80,20 @@ int LoadFileContents(const char* filename, FileContents* file) { } fclose(f); + // apply_patch[_check] functions are blind to randomization. Randomization + // is taken care of in [Undo]RetouchBinariesFn. If there is a mismatch + // within a file, this means the file is assumed "corrupt" for simplicity. + if (retouch_flag) { + int32_t desired_offset = 0; + if (retouch_mask_data(file->data, file->size, + &desired_offset, NULL) != RETOUCH_DATA_MATCHED) { + printf("error trying to mask retouch entries\n"); + free(file->data); + file->data = NULL; + return -1; + } + } + SHA(file->data, file->size, file->sha1); return 0; } @@ -303,7 +322,7 @@ static int LoadPartitionContents(const char* filename, FileContents* file) { // Save the contents of the given FileContents object under the given // filename. Return 0 on success. -static int SaveFileContents(const char* filename, FileContents file) { +int SaveFileContents(const char* filename, FileContents file) { int fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC); if (fd < 0) { printf("failed to open \"%s\" for write: %s\n", @@ -477,7 +496,7 @@ int applypatch_check(const char* filename, // LoadFileContents is successful. (Useful for reading // partitions, where the filename encodes the sha1s; no need to // check them twice.) - if (LoadFileContents(filename, &file) != 0 || + if (LoadFileContents(filename, &file, RETOUCH_DO_MASK) != 0 || (num_patches > 0 && FindMatchingPatch(file.sha1, patch_sha1_str, num_patches) < 0)) { printf("file \"%s\" doesn't have any of expected " @@ -491,7 +510,7 @@ int applypatch_check(const char* filename, // exists and matches the sha1 we're looking for, the check still // passes. - if (LoadFileContents(CACHE_TEMP_SOURCE, &file) != 0) { + if (LoadFileContents(CACHE_TEMP_SOURCE, &file, RETOUCH_DO_MASK) != 0) { printf("failed to load cache file\n"); return 1; } @@ -617,7 +636,8 @@ int applypatch(const char* source_filename, int made_copy = 0; // We try to load the target file into the source_file object. - if (LoadFileContents(target_filename, &source_file) == 0) { + if (LoadFileContents(target_filename, &source_file, + RETOUCH_DO_MASK) == 0) { if (memcmp(source_file.sha1, target_sha1, SHA_DIGEST_SIZE) == 0) { // The early-exit case: the patch was already applied, this file // has the desired hash, nothing for us to do. @@ -633,7 +653,8 @@ int applypatch(const char* source_filename, // Need to load the source file: either we failed to load the // target file, or we did but it's different from the source file. free(source_file.data); - LoadFileContents(source_filename, &source_file); + LoadFileContents(source_filename, &source_file, + RETOUCH_DO_MASK); } if (source_file.data != NULL) { @@ -648,7 +669,8 @@ int applypatch(const char* source_filename, free(source_file.data); printf("source file is bad; trying copy\n"); - if (LoadFileContents(CACHE_TEMP_SOURCE, ©_file) < 0) { + if (LoadFileContents(CACHE_TEMP_SOURCE, ©_file, + RETOUCH_DO_MASK) < 0) { // fail. printf("failed to read copy file\n"); return 1; diff --git a/applypatch/applypatch.h b/applypatch/applypatch.h index 10c01259a..a78c89bfe 100644 --- a/applypatch/applypatch.h +++ b/applypatch/applypatch.h @@ -19,6 +19,7 @@ #include <sys/stat.h> #include "mincrypt/sha.h" +#include "minelf/Retouch.h" #include "edify/expr.h" typedef struct _Patch { @@ -59,10 +60,12 @@ int applypatch_check(const char* filename, int num_patches, char** const patch_sha1_str); -// Read a file into memory; store it and its associated metadata in -// *file. Return 0 on success. -int LoadFileContents(const char* filename, FileContents* file); +int LoadFileContents(const char* filename, FileContents* file, + int retouch_flag); +int SaveFileContents(const char* filename, FileContents file); void FreeFileContents(FileContents* file); +int FindMatchingPatch(uint8_t* sha1, char** const patch_sha1_str, + int num_patches); // bsdiff.c void ShowBSDiffLicense(); diff --git a/applypatch/main.c b/applypatch/main.c index 3917f86ed..7025a2e2e 100644 --- a/applypatch/main.c +++ b/applypatch/main.c @@ -74,7 +74,7 @@ static int ParsePatchArgs(int argc, char** argv, (*patches)[i] = NULL; } else { FileContents fc; - if (LoadFileContents(colon, &fc) != 0) { + if (LoadFileContents(colon, &fc, RETOUCH_DONT_MASK) != 0) { goto abort; } (*patches)[i] = malloc(sizeof(Value)); diff --git a/bootloader.c b/bootloader.c index 7da3f4ef6..1e66c3e26 100644 --- a/bootloader.c +++ b/bootloader.c @@ -23,103 +23,145 @@ #include <stdio.h> #include <string.h> -static int get_bootloader_message_mtd(struct bootloader_message *out, const Volume* v); -static int set_bootloader_message_mtd(const struct bootloader_message *in, const Volume* v); -static int get_bootloader_message_block(struct bootloader_message *out, const Volume* v); -static int set_bootloader_message_block(const struct bootloader_message *in, const Volume* v); +static const char *CACHE_NAME = "CACHE:"; +static const char *MISC_NAME = "MISC:"; + +#ifdef LOG_VERBOSE +static void dump_data(const char *data, int len) { + int pos; + for (pos = 0; pos < len; ) { + printf("%05x: %02x", pos, data[pos]); + for (++pos; pos < len && (pos % 24) != 0; ++pos) { + printf(" %02x", data[pos]); + } + printf("\n"); + } +} +#endif -int get_bootloader_message(struct bootloader_message *out) { - Volume* v = volume_for_path("/misc"); - if (strcmp(v->fs_type, "mtd") == 0) { - return get_bootloader_message_mtd(out, v); - } else if (strcmp(v->fs_type, "block") == 0) { - return get_bootloader_message_block(out, v); +#ifdef USE_EXT4 +// Strictly speaking this doesn't have anything to do with ext4; we +// really just mean "misc is an emmc partition". We should have a +// more configurable way have describing partitions, filesystems, etc. + +static const char* MISC_PARTITION = + "/dev/block/platform/sdhci-tegra.3/by-name/misc"; + +int get_bootloader_message(struct bootloader_message* out) { + FILE* f = fopen(MISC_PARTITION, "rb"); + if (f == NULL) { + LOGE("Can't open %s\n(%s)\n", MISC_PARTITION, strerror(errno)); + return -1; + } + struct bootloader_message temp; + int count = fread(&temp, sizeof(temp), 1, f); + if (count != 1) { + LOGE("Failed reading %s\n(%s)\n", MISC_PARTITION, strerror(errno)); + return -1; } - LOGE("unknown misc partition fs_type \"%s\"\n", v->fs_type); - return -1; + if (fclose(f) != 0) { + LOGE("Failed closing %s\n(%s)\n", MISC_PARTITION, strerror(errno)); + return -1; + } + memcpy(out, &temp, sizeof(temp)); + return 0; } -int set_bootloader_message(const struct bootloader_message *in) { - Volume* v = volume_for_path("/misc"); - if (strcmp(v->fs_type, "mtd") == 0) { - return set_bootloader_message_mtd(in, v); - } else if (strcmp(v->fs_type, "block") == 0) { - return set_bootloader_message_block(in, v); +int set_bootloader_message(const struct bootloader_message* in) { + FILE* f = fopen(MISC_PARTITION, "wb"); + if (f == NULL) { + LOGE("Can't open %s\n(%s)\n", MISC_PARTITION, strerror(errno)); + return -1; + } + int count = fwrite(in, sizeof(*in), 1, f); + if (count != 1) { + LOGE("Failed writing %s\n(%s)\n", MISC_PARTITION, strerror(errno)); + return -1; } - LOGE("unknown misc partition fs_type \"%s\"\n", v->fs_type); - return -1; + if (fclose(f) != 0) { + LOGE("Failed closing %s\n(%s)\n", MISC_PARTITION, strerror(errno)); + return -1; + } + return 0; } -// ------------------------------ -// for misc partitions on MTD -// ------------------------------ +#else // MTD partitions static const int MISC_PAGES = 3; // number of pages to save static const int MISC_COMMAND_PAGE = 1; // bootloader command is this page -static int get_bootloader_message_mtd(struct bootloader_message *out, - const Volume* v) { +int get_bootloader_message(struct bootloader_message *out) { size_t write_size; - mtd_scan_partitions(); - const MtdPartition *part = mtd_find_partition_by_name(v->device); + const MtdPartition *part = get_root_mtd_partition(MISC_NAME); if (part == NULL || mtd_partition_info(part, NULL, NULL, &write_size)) { - LOGE("Can't find %s\n", v->device); + LOGE("Can't find %s\n", MISC_NAME); return -1; } MtdReadContext *read = mtd_read_partition(part); if (read == NULL) { - LOGE("Can't open %s\n(%s)\n", v->device, strerror(errno)); + LOGE("Can't open %s\n(%s)\n", MISC_NAME, strerror(errno)); return -1; } const ssize_t size = write_size * MISC_PAGES; char data[size]; ssize_t r = mtd_read_data(read, data, size); - if (r != size) LOGE("Can't read %s\n(%s)\n", v->device, strerror(errno)); + if (r != size) LOGE("Can't read %s\n(%s)\n", MISC_NAME, strerror(errno)); mtd_read_close(read); if (r != size) return -1; +#ifdef LOG_VERBOSE + printf("\n--- get_bootloader_message ---\n"); + dump_data(data, size); + printf("\n"); +#endif + memcpy(out, &data[write_size * MISC_COMMAND_PAGE], sizeof(*out)); return 0; } -static int set_bootloader_message_mtd(const struct bootloader_message *in, - const Volume* v) { + +int set_bootloader_message(const struct bootloader_message *in) { size_t write_size; - mtd_scan_partitions(); - const MtdPartition *part = mtd_find_partition_by_name(v->device); + const MtdPartition *part = get_root_mtd_partition(MISC_NAME); if (part == NULL || mtd_partition_info(part, NULL, NULL, &write_size)) { - LOGE("Can't find %s\n", v->device); + LOGE("Can't find %s\n", MISC_NAME); return -1; } MtdReadContext *read = mtd_read_partition(part); if (read == NULL) { - LOGE("Can't open %s\n(%s)\n", v->device, strerror(errno)); + LOGE("Can't open %s\n(%s)\n", MISC_NAME, strerror(errno)); return -1; } ssize_t size = write_size * MISC_PAGES; char data[size]; ssize_t r = mtd_read_data(read, data, size); - if (r != size) LOGE("Can't read %s\n(%s)\n", v->device, strerror(errno)); + if (r != size) LOGE("Can't read %s\n(%s)\n", MISC_NAME, strerror(errno)); mtd_read_close(read); if (r != size) return -1; memcpy(&data[write_size * MISC_COMMAND_PAGE], in, sizeof(*in)); +#ifdef LOG_VERBOSE + printf("\n--- set_bootloader_message ---\n"); + dump_data(data, size); + printf("\n"); +#endif + MtdWriteContext *write = mtd_write_partition(part); if (write == NULL) { - LOGE("Can't open %s\n(%s)\n", v->device, strerror(errno)); + LOGE("Can't open %s\n(%s)\n", MISC_NAME, strerror(errno)); return -1; } if (mtd_write_data(write, data, size) != size) { - LOGE("Can't write %s\n(%s)\n", v->device, strerror(errno)); + LOGE("Can't write %s\n(%s)\n", MISC_NAME, strerror(errno)); mtd_write_close(write); return -1; } if (mtd_write_close(write)) { - LOGE("Can't finish %s\n(%s)\n", v->device, strerror(errno)); + LOGE("Can't finish %s\n(%s)\n", MISC_NAME, strerror(errno)); return -1; } @@ -127,47 +169,4 @@ static int set_bootloader_message_mtd(const struct bootloader_message *in, return 0; } - -// ------------------------------------ -// for misc partitions on block devices -// ------------------------------------ - -static int get_bootloader_message_block(struct bootloader_message *out, - const Volume* v) { - FILE* f = fopen(v->device, "rb"); - if (f == NULL) { - LOGE("Can't open %s\n(%s)\n", v->device, strerror(errno)); - return -1; - } - struct bootloader_message temp; - int count = fread(&temp, sizeof(temp), 1, f); - if (count != 1) { - LOGE("Failed reading %s\n(%s)\n", v->device, strerror(errno)); - return -1; - } - if (fclose(f) != 0) { - LOGE("Failed closing %s\n(%s)\n", v->device, strerror(errno)); - return -1; - } - memcpy(out, &temp, sizeof(temp)); - return 0; -} - -static int set_bootloader_message_block(const struct bootloader_message *in, - const Volume* v) { - FILE* f = fopen(v->device, "wb"); - if (f == NULL) { - LOGE("Can't open %s\n(%s)\n", v->device, strerror(errno)); - return -1; - } - int count = fwrite(in, sizeof(*in), 1, f); - if (count != 1) { - LOGE("Failed writing %s\n(%s)\n", v->device, strerror(errno)); - return -1; - } - if (fclose(f) != 0) { - LOGE("Failed closing %s\n(%s)\n", v->device, strerror(errno)); - return -1; - } - return 0; -} +#endif @@ -87,17 +87,4 @@ void ui_reset_progress(); #define STRINGIFY(x) #x #define EXPAND(x) STRINGIFY(x) -typedef struct { - const char* mount_point; // eg. "/cache". must live in the root directory. - - const char* fs_type; // "yaffs2" or "ext4" or "vfat" - - const char* device; // MTD partition name if fs_type == "yaffs" - // block device if fs_type == "ext4" or "vfat" - - const char* device2; // alternative device to try if fs_type - // == "ext4" or "vfat" and mounting - // 'device' fails -} Volume; - #endif // RECOVERY_COMMON_H diff --git a/default_recovery_ui.c b/default_recovery_ui.c index ce12787fe..bcba88826 100644 --- a/default_recovery_ui.c +++ b/default_recovery_ui.c @@ -24,7 +24,7 @@ char* MENU_HEADERS[] = { "Android system recovery utility", NULL }; char* MENU_ITEMS[] = { "reboot system now", - "apply update from sdcard", + "apply update from external storage", "wipe data/factory reset", "wipe cache partition", NULL }; diff --git a/encryptedfs_provisioning.c b/encryptedfs_provisioning.c index 601c817de..2bcfec161 100644 --- a/encryptedfs_provisioning.c +++ b/encryptedfs_provisioning.c @@ -186,7 +186,7 @@ int write_encrypted_fs_boolean_property(const char *prop_name, int value) { int read_encrypted_fs_info(encrypted_fs_info *encrypted_fs_data) { int result; int value; - result = ensure_path_mounted("/data"); + result = ensure_root_path_mounted("DATA:"); if (result != 0) { LOGE("Secure FS: error mounting userdata partition."); return ENCRYPTED_FS_ERROR; @@ -221,7 +221,7 @@ int read_encrypted_fs_info(encrypted_fs_info *encrypted_fs_data) { return ENCRYPTED_FS_ERROR; } - result = ensure_path_unmounted("/data"); + result = ensure_root_path_unmounted("DATA:"); if (result != 0) { LOGE("Secure FS: error unmounting data partition."); return ENCRYPTED_FS_ERROR; @@ -232,7 +232,7 @@ int read_encrypted_fs_info(encrypted_fs_info *encrypted_fs_data) { int restore_encrypted_fs_info(encrypted_fs_info *encrypted_fs_data) { int result; - result = ensure_path_mounted("/data"); + result = ensure_root_path_mounted("DATA:"); if (result != 0) { LOGE("Secure FS: error mounting userdata partition."); return ENCRYPTED_FS_ERROR; @@ -273,7 +273,7 @@ int restore_encrypted_fs_info(encrypted_fs_info *encrypted_fs_data) { return result; } - result = ensure_path_unmounted("/data"); + result = ensure_root_path_unmounted("DATA:"); if (result != 0) { LOGE("Secure FS: error unmounting data partition."); return ENCRYPTED_FS_ERROR; @@ -281,3 +281,4 @@ int restore_encrypted_fs_info(encrypted_fs_info *encrypted_fs_data) { return ENCRYPTED_FS_OK; } + @@ -234,19 +234,26 @@ exit: } int -install_package(const char *path) +install_package(const char *root_path) { ui_set_background(BACKGROUND_ICON_INSTALLING); ui_print("Finding update package...\n"); ui_show_indeterminate_progress(); - LOGI("Update location: %s\n", path); + LOGI("Update location: %s\n", root_path); - if (ensure_path_mounted(path) != 0) { - LOGE("Can't mount %s\n", path); + if (ensure_root_path_mounted(root_path) != 0) { + LOGE("Can't mount %s\n", root_path); + return INSTALL_CORRUPT; + } + + char path[PATH_MAX] = ""; + if (translate_root_path(root_path, path, sizeof(path)) == NULL) { + LOGE("Bad path %s\n", root_path); return INSTALL_CORRUPT; } ui_print("Opening update package...\n"); + LOGI("Update file path: %s\n", path); int numKeys; RSAPublicKey* loadedKeys = load_keys(PUBLIC_KEYS_FILE, &numKeys); diff --git a/minelf/Android.mk b/minelf/Android.mk new file mode 100644 index 000000000..0f41ff528 --- /dev/null +++ b/minelf/Android.mk @@ -0,0 +1,27 @@ +# Copyright (C) 2009 The Android Open Source Project +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +LOCAL_PATH := $(call my-dir) +include $(CLEAR_VARS) + +LOCAL_SRC_FILES := \ + Retouch.c + +LOCAL_C_INCLUDES += bootable/recovery + +LOCAL_MODULE := libminelf + +LOCAL_CFLAGS += -Wall + +include $(BUILD_STATIC_LIBRARY) diff --git a/minelf/Retouch.c b/minelf/Retouch.c new file mode 100644 index 000000000..33809cd6d --- /dev/null +++ b/minelf/Retouch.c @@ -0,0 +1,406 @@ +/* + * Copyright (C) 2009 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <errno.h> +#include <sys/stat.h> +#include <fcntl.h> +#include <stdio.h> +#include <unistd.h> +#include <string.h> +#include <strings.h> +#include "Retouch.h" +#include "applypatch/applypatch.h" + +typedef struct { + int32_t mmap_addr; + char tag[4]; /* 'P', 'R', 'E', ' ' */ +} prelink_info_t __attribute__((packed)); + +#define false 0 +#define true 1 + +static int32_t offs_prev; +static uint32_t cont_prev; + +static void init_compression_state(void) { + offs_prev = 0; + cont_prev = 0; +} + +// For details on the encoding used for relocation lists, please +// refer to build/tools/retouch/retouch-prepare.c. The intent is to +// save space by removing most of the inherent redundancy. + +static void decode_bytes(uint8_t *encoded_bytes, int encoded_size, + int32_t *dst_offset, uint32_t *dst_contents) { + if (encoded_size == 2) { + *dst_offset = offs_prev + (((encoded_bytes[0]&0x60)>>5)+1)*4; + + // if the original was negative, we need to 1-pad before applying delta + int32_t tmp = (((encoded_bytes[0] & 0x0000001f) << 8) | + encoded_bytes[1]); + if (tmp & 0x1000) tmp = 0xffffe000 | tmp; + *dst_contents = cont_prev + tmp; + } else if (encoded_size == 3) { + *dst_offset = offs_prev + (((encoded_bytes[0]&0x30)>>4)+1)*4; + + // if the original was negative, we need to 1-pad before applying delta + int32_t tmp = (((encoded_bytes[0] & 0x0000000f) << 16) | + (encoded_bytes[1] << 8) | + encoded_bytes[2]); + if (tmp & 0x80000) tmp = 0xfff00000 | tmp; + *dst_contents = cont_prev + tmp; + } else { + *dst_offset = + (encoded_bytes[0]<<24) | + (encoded_bytes[1]<<16) | + (encoded_bytes[2]<<8) | + encoded_bytes[3]; + if (*dst_offset == 0x3fffffff) *dst_offset = -1; + *dst_contents = + (encoded_bytes[4]<<24) | + (encoded_bytes[5]<<16) | + (encoded_bytes[6]<<8) | + encoded_bytes[7]; + } +} + +static uint8_t *decode_in_memory(uint8_t *encoded_bytes, + int32_t *offset, uint32_t *contents) { + int input_size, charIx; + uint8_t input[8]; + + input[0] = *(encoded_bytes++); + if (input[0] & 0x80) + input_size = 2; + else if (input[0] & 0x40) + input_size = 3; + else + input_size = 8; + + // we already read one byte.. + charIx = 1; + while (charIx < input_size) { + input[charIx++] = *(encoded_bytes++); + } + + // depends on the decoder state! + decode_bytes(input, input_size, offset, contents); + + offs_prev = *offset; + cont_prev = *contents; + + return encoded_bytes; +} + +int retouch_mask_data(uint8_t *binary_object, + int32_t binary_size, + int32_t *desired_offset, + int32_t *retouch_offset) { + retouch_info_t *r_info; + prelink_info_t *p_info; + + int32_t target_offset = 0; + if (desired_offset) target_offset = *desired_offset; + + int32_t p_offs = binary_size-sizeof(prelink_info_t); // prelink_info_t + int32_t r_offs = p_offs-sizeof(retouch_info_t); // retouch_info_t + int32_t b_offs; // retouch data blob + + // If not retouched, we say it was a match. This might get invoked on + // non-retouched binaries, so that's why we need to do this. + if (retouch_offset != NULL) *retouch_offset = target_offset; + if (r_offs < 0) return (desired_offset == NULL) ? + RETOUCH_DATA_NOTAPPLICABLE : RETOUCH_DATA_MATCHED; + p_info = (prelink_info_t *)(binary_object+p_offs); + r_info = (retouch_info_t *)(binary_object+r_offs); + if (strncmp(p_info->tag, "PRE ", 4) || + strncmp(r_info->tag, "RETOUCH ", 8)) + return (desired_offset == NULL) ? + RETOUCH_DATA_NOTAPPLICABLE : RETOUCH_DATA_MATCHED; + + b_offs = r_offs-r_info->blob_size; + if (b_offs < 0) { + printf("negative binary offset: %d = %d - %d\n", + b_offs, r_offs, r_info->blob_size); + return RETOUCH_DATA_ERROR; + } + uint8_t *b_ptr = binary_object+b_offs; + + // Retouched: let's go through the work then. + int32_t offset_candidate = target_offset; + bool offset_set = false, offset_mismatch = false; + init_compression_state(); + while (b_ptr < (uint8_t *)r_info) { + int32_t retouch_entry_offset; + uint32_t *retouch_entry; + uint32_t retouch_original_value; + + b_ptr = decode_in_memory(b_ptr, + &retouch_entry_offset, + &retouch_original_value); + if (retouch_entry_offset < (-1) || + retouch_entry_offset >= b_offs) { + printf("bad retouch_entry_offset: %d", retouch_entry_offset); + return RETOUCH_DATA_ERROR; + } + + // "-1" means this is the value in prelink_info_t, which also gets + // randomized. + if (retouch_entry_offset == -1) + retouch_entry = (uint32_t *)&(p_info->mmap_addr); + else + retouch_entry = (uint32_t *)(binary_object+retouch_entry_offset); + + if (desired_offset) + *retouch_entry = retouch_original_value + target_offset; + + // Infer the randomization shift, compare to previously inferred. + int32_t offset_of_this_entry = (int32_t)(*retouch_entry- + retouch_original_value); + if (!offset_set) { + offset_candidate = offset_of_this_entry; + offset_set = true; + } else { + if (offset_candidate != offset_of_this_entry) { + offset_mismatch = true; + printf("offset is mismatched: %d, this entry is %d," + " original 0x%x @ 0x%x", + offset_candidate, offset_of_this_entry, + retouch_original_value, retouch_entry_offset); + } + } + } + if (b_ptr > (uint8_t *)r_info) { + printf("b_ptr went too far: %p, while r_info is %p", + b_ptr, r_info); + return RETOUCH_DATA_ERROR; + } + + if (offset_mismatch) return RETOUCH_DATA_MISMATCHED; + if (retouch_offset != NULL) *retouch_offset = offset_candidate; + return RETOUCH_DATA_MATCHED; +} + +// On success, _override is set to the offset that was actually applied. +// This implies that once we randomize to an offset we stick with it. +// This in turn is necessary in order to guarantee recovery after crash. +bool retouch_one_library(const char *binary_name, + const char *binary_sha1, + int32_t retouch_offset, + int32_t *retouch_offset_override) { + bool success = true; + int result; + + FileContents file; + file.data = NULL; + + char binary_name_atomic[strlen(binary_name)+10]; + strcpy(binary_name_atomic, binary_name); + strcat(binary_name_atomic, ".atomic"); + + // We need a path that exists for calling statfs() later. + // + // Assume that binary_name (eg "/system/app/Foo.apk") is located + // on the same filesystem as its top-level directory ("/system"). + char target_fs[strlen(binary_name)+1]; + char* slash = strchr(binary_name+1, '/'); + if (slash != NULL) { + int count = slash - binary_name; + strncpy(target_fs, binary_name, count); + target_fs[count] = '\0'; + } else { + strcpy(target_fs, binary_name); + } + + result = LoadFileContents(binary_name, &file, RETOUCH_DONT_MASK); + + if (result == 0) { + // Figure out the *apparent* offset to which this file has been + // retouched. If it looks good, we will skip processing (we might + // have crashed and during this recovery pass we don't want to + // overwrite a valuable saved file in /cache---which would happen + // if we blindly retouch everything again). NOTE: This implies + // that we might have to override the supplied retouch offset. We + // can do the override only once though: everything should match + // afterward. + + int32_t inferred_offset; + int retouch_probe_result = retouch_mask_data(file.data, + file.size, + NULL, + &inferred_offset); + + if (retouch_probe_result == RETOUCH_DATA_MATCHED) { + if ((retouch_offset == inferred_offset) || + ((retouch_offset != 0 && inferred_offset != 0) && + (retouch_offset_override != NULL))) { + // This file is OK already and we are allowed to override. + // Let's just return the offset override value. It is critical + // to skip regardless of override: a broken file might need + // recovery down the list and we should not mess up the saved + // copy by doing unnecessary retouching. + // + // NOTE: If retouching was already started with a different + // value, we will not be allowed to override. This happens + // if on the retouch list there is a patched binary (which is + // masked in apply_patch()) before there is a non-patched + // binary. + if (retouch_offset_override != NULL) + *retouch_offset_override = inferred_offset; + success = true; + goto out; + } else { + // Retouch to zero (mask the retouching), to make sure that + // the SHA-1 check will pass below. + int32_t zero = 0; + retouch_mask_data(file.data, file.size, &zero, NULL); + SHA(file.data, file.size, file.sha1); + } + } + + if (retouch_probe_result == RETOUCH_DATA_NOTAPPLICABLE) { + // In the case of not retouchable, fake it. We do not want + // to do the normal processing and overwrite the backup file: + // we might be recovering! + // + // We return a zero override, which tells the caller that we + // simply skipped the file. + if (retouch_offset_override != NULL) + *retouch_offset_override = 0; + success = true; + goto out; + } + + // If we get here, either there was a mismatch in the offset, or + // the file has not been processed yet. Continue with normal + // processing. + } + + if (result != 0 || FindMatchingPatch(file.sha1, &binary_sha1, 1) < 0) { + free(file.data); + printf("Attempting to recover source from '%s' ...\n", + CACHE_TEMP_SOURCE); + result = LoadFileContents(CACHE_TEMP_SOURCE, &file, RETOUCH_DO_MASK); + if (result != 0 || FindMatchingPatch(file.sha1, &binary_sha1, 1) < 0) { + printf(" failed.\n"); + success = false; + goto out; + } + printf(" succeeded.\n"); + } + + // Retouch in-memory before worrying about backing up the original. + // + // Recovery steps will be oblivious to the actual retouch offset used, + // so might as well write out the already-retouched copy. Then, in the + // usual case, we will just swap the file locally, with no more writes + // needed. In the no-free-space case, we will then write the same to the + // original location. + + result = retouch_mask_data(file.data, file.size, &retouch_offset, NULL); + if (result != RETOUCH_DATA_MATCHED) { + success = false; + goto out; + } + if (retouch_offset_override != NULL) + *retouch_offset_override = retouch_offset; + + // How much free space do we need? + bool enough_space = false; + size_t free_space = FreeSpaceForFile(target_fs); + // 50% margin when estimating the space needed. + enough_space = (free_space > (file.size * 3 / 2)); + + // The experts say we have to allow for a retry of the + // whole process to avoid filesystem weirdness. + int retry = 1; + bool made_copy = false; + do { + // First figure out where to store a copy of the original. + // Ideally leave the original itself intact until the + // atomic swap. If no room on the same partition, fall back + // to the cache partition and remove the original. + + if (!enough_space) { + printf("Target is %ldB; free space is %ldB: not enough.\n", + (long)file.size, (long)free_space); + + retry = 0; + if (MakeFreeSpaceOnCache(file.size) < 0) { + printf("Not enough free space on '/cache'.\n"); + success = false; + goto out; + } + if (SaveFileContents(CACHE_TEMP_SOURCE, file) < 0) { + printf("Failed to back up source file.\n"); + success = false; + goto out; + } + made_copy = true; + unlink(binary_name); + + size_t free_space = FreeSpaceForFile(target_fs); + printf("(now %ld bytes free for target)\n", (long)free_space); + } + + result = SaveFileContents(binary_name_atomic, file); + if (result != 0) { + // Maybe the filesystem was optimistic: retry. + enough_space = false; + unlink(binary_name_atomic); + printf("Saving the retouched contents failed; retrying.\n"); + continue; + } + + // Succeeded; no need to retry. + break; + } while (retry-- > 0); + + // Give the .atomic file the same owner, group, and mode of the + // original source file. + if (chmod(binary_name_atomic, file.st.st_mode) != 0) { + printf("chmod of \"%s\" failed: %s\n", + binary_name_atomic, strerror(errno)); + success = false; + goto out; + } + if (chown(binary_name_atomic, file.st.st_uid, file.st.st_gid) != 0) { + printf("chown of \"%s\" failed: %s\n", + binary_name_atomic, + strerror(errno)); + success = false; + goto out; + } + + // Finally, rename the .atomic file to replace the target file. + if (rename(binary_name_atomic, binary_name) != 0) { + printf("rename of .atomic to \"%s\" failed: %s\n", + binary_name, strerror(errno)); + success = false; + goto out; + } + + // If this run created a copy, and we're here, we can delete it. + if (made_copy) unlink(CACHE_TEMP_SOURCE); + + out: + // clean up + free(file.data); + unlink(binary_name_atomic); + + return success; +} diff --git a/minelf/Retouch.h b/minelf/Retouch.h new file mode 100644 index 000000000..048d78e44 --- /dev/null +++ b/minelf/Retouch.h @@ -0,0 +1,51 @@ +/* + * Copyright (C) 2009 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef _MINELF_RETOUCH +#define _MINELF_RETOUCH + +#include <stdbool.h> +#include <sys/types.h> + +typedef struct { + char tag[8]; /* "RETOUCH ", not zero-terminated */ + uint32_t blob_size; /* in bytes, located right before this struct */ +} retouch_info_t __attribute__((packed)); + +// Retouch a file. Use CACHED_SOURCE_TEMP to store a copy. +bool retouch_one_library(const char *binary_name, + const char *binary_sha1, + int32_t retouch_offset, + int32_t *retouch_offset_override); + +#define RETOUCH_DONT_MASK 0 +#define RETOUCH_DO_MASK 1 + +#define RETOUCH_DATA_ERROR 0 // This is bad. Should not happen. +#define RETOUCH_DATA_MATCHED 1 // Up to an uniform random offset. +#define RETOUCH_DATA_MISMATCHED 2 // Partially randomized, or total mess. +#define RETOUCH_DATA_NOTAPPLICABLE 3 // Not retouched. Only when inferring. + +// Mask retouching in-memory. Used before apply_patch[_check]. +// Also used to determine status of retouching after a crash. +// +// If desired_offset is not NULL, then apply retouching instead, +// and return that in retouch_offset. +int retouch_mask_data(uint8_t *binary_object, + int32_t binary_size, + int32_t *desired_offset, + int32_t *retouch_offset); +#endif diff --git a/recovery.c b/recovery.c index f5636d846..286f1e5a7 100644 --- a/recovery.c +++ b/recovery.c @@ -50,12 +50,12 @@ static const struct option OPTIONS[] = { { NULL, 0, NULL, 0 }, }; -static const char *COMMAND_FILE = "/cache/recovery/command"; -static const char *INTENT_FILE = "/cache/recovery/intent"; -static const char *LOG_FILE = "/cache/recovery/log"; -static const char *SDCARD_ROOT = "/sdcard"; +static const char *COMMAND_FILE = "CACHE:recovery/command"; +static const char *INTENT_FILE = "CACHE:recovery/intent"; +static const char *LOG_FILE = "CACHE:recovery/log"; +static const char *SDCARD_ROOT = "SDCARD:"; static const char *TEMPORARY_LOG_FILE = "/tmp/recovery.log"; -static const char *SIDELOAD_TEMP_DIR = "/tmp/sideload"; +static const char *SIDELOAD_TEMP_DIR = "TMP:sideload"; /* * The recovery tool communicates with the main system through /cache files. @@ -65,7 +65,7 @@ static const char *SIDELOAD_TEMP_DIR = "/tmp/sideload"; * * The arguments which may be supplied in the recovery.command file: * --send_intent=anystring - write the text out to recovery.intent - * --update_package=path - verify install an OTA package file + * --update_package=root:path - verify install an OTA package file * --wipe_data - erase user data (and cache), then reboot * --wipe_cache - wipe cache (but not user data), then reboot * --set_encrypted_filesystem=on|off - enables / diasables encrypted fs @@ -80,8 +80,8 @@ static const char *SIDELOAD_TEMP_DIR = "/tmp/sideload"; * 3. main system reboots into recovery * 4. get_args() writes BCB with "boot-recovery" and "--wipe_data" * -- after this, rebooting will restart the erase -- - * 5. erase_volume() reformats /data - * 6. erase_volume() reformats /cache + * 5. erase_root() reformats /data + * 6. erase_root() reformats /cache * 7. finish_recovery() erases BCB * -- after this, rebooting will restart the main system -- * 8. main() calls reboot() to boot main system @@ -109,7 +109,7 @@ static const char *SIDELOAD_TEMP_DIR = "/tmp/sideload"; * 8d. bootloader tries to flash firmware * 8e. bootloader writes BCB with "boot-recovery" (keeping "--wipe_cache") * -- after this, rebooting will reformat cache & restart main system -- - * 8f. erase_volume() reformats /cache + * 8f. erase_root() reformats /cache * 8g. finish_recovery() erases BCB * -- after this, rebooting will (try to) restart the main system -- * 9. main() calls reboot() to boot main system @@ -125,8 +125,8 @@ static const char *SIDELOAD_TEMP_DIR = "/tmp/sideload"; * 5. read_encrypted_fs_info() retrieves encrypted file systems settings from /data * Settings include: property to specify the Encrypted FS istatus and * FS encryption key if enabled (not yet implemented) - * 6. erase_volume() reformats /data - * 7. erase_volume() reformats /cache + * 6. erase_root() reformats /data + * 7. erase_root() reformats /cache * 8. restore_encrypted_fs_info() writes required encrypted file systems settings to /data * Settings include: property to specify the Encrypted FS status and * FS encryption key if enabled (not yet implemented) @@ -138,11 +138,17 @@ static const char *SIDELOAD_TEMP_DIR = "/tmp/sideload"; static const int MAX_ARG_LENGTH = 4096; static const int MAX_ARGS = 100; -// open a given path, mounting partitions as necessary +// open a file given in root:path format, mounting partitions as necessary static FILE* -fopen_path(const char *path, const char *mode) { - if (ensure_path_mounted(path) != 0) { - LOGE("Can't mount %s\n", path); +fopen_root_path(const char *root_path, const char *mode) { + if (ensure_root_path_mounted(root_path) != 0) { + LOGE("Can't mount %s\n", root_path); + return NULL; + } + + char path[PATH_MAX] = ""; + if (translate_root_path(root_path, path, sizeof(path)) == NULL) { + LOGE("Bad path %s\n", root_path); return NULL; } @@ -199,7 +205,7 @@ get_args(int *argc, char ***argv) { // --- if that doesn't work, try the command file if (*argc <= 1) { - FILE *fp = fopen_path(COMMAND_FILE, "r"); + FILE *fp = fopen_root_path(COMMAND_FILE, "r"); if (fp != NULL) { char *argv0 = (*argv)[0]; *argv = (char **) malloc(sizeof(char *) * MAX_ARGS); @@ -245,7 +251,7 @@ static void finish_recovery(const char *send_intent) { // By this point, we're ready to return to the main system... if (send_intent != NULL) { - FILE *fp = fopen_path(INTENT_FILE, "w"); + FILE *fp = fopen_root_path(INTENT_FILE, "w"); if (fp == NULL) { LOGE("Can't open %s\n", INTENT_FILE); } else { @@ -255,7 +261,7 @@ finish_recovery(const char *send_intent) { } // Copy logs to cache so the system can find out what happened. - FILE *log = fopen_path(LOG_FILE, "a"); + FILE *log = fopen_root_path(LOG_FILE, "a"); if (log == NULL) { LOGE("Can't open %s\n", LOG_FILE); } else { @@ -279,8 +285,10 @@ finish_recovery(const char *send_intent) { set_bootloader_message(&boot); // Remove the command file, so recovery won't repeat indefinitely. - if (ensure_path_mounted(COMMAND_FILE) != 0 || - (unlink(COMMAND_FILE) && errno != ENOENT)) { + char path[PATH_MAX] = ""; + if (ensure_root_path_mounted(COMMAND_FILE) != 0 || + translate_root_path(COMMAND_FILE, path, sizeof(path)) == NULL || + (unlink(path) && errno != ENOENT)) { LOGW("Can't unlink %s\n", COMMAND_FILE); } @@ -288,54 +296,64 @@ finish_recovery(const char *send_intent) { } static int -erase_volume(const char *volume) { +erase_root(const char *root) { ui_set_background(BACKGROUND_ICON_INSTALLING); ui_show_indeterminate_progress(); - ui_print("Formatting %s...\n", volume); - return format_volume(volume); + ui_print("Formatting %s...\n", root); + return format_root_device(root); } static char* -copy_sideloaded_package(const char* original_path) { - if (ensure_path_mounted(original_path) != 0) { - LOGE("Can't mount %s\n", original_path); +copy_sideloaded_package(const char* original_root_path) { + if (ensure_root_path_mounted(original_root_path) != 0) { + LOGE("Can't mount %s\n", original_root_path); + return NULL; + } + + char original_path[PATH_MAX] = ""; + if (translate_root_path(original_root_path, original_path, + sizeof(original_path)) == NULL) { + LOGE("Bad path %s\n", original_root_path); return NULL; } - if (ensure_path_mounted(SIDELOAD_TEMP_DIR) != 0) { + if (ensure_root_path_mounted(SIDELOAD_TEMP_DIR) != 0) { LOGE("Can't mount %s\n", SIDELOAD_TEMP_DIR); return NULL; } - if (mkdir(SIDELOAD_TEMP_DIR, 0700) != 0) { + char copy_path[PATH_MAX] = ""; + if (translate_root_path(SIDELOAD_TEMP_DIR, copy_path, + sizeof(copy_path)) == NULL) { + LOGE("Bad path %s\n", SIDELOAD_TEMP_DIR); + return NULL; + } + + if (mkdir(copy_path, 0700) != 0) { if (errno != EEXIST) { LOGE("Can't mkdir %s (%s)\n", SIDELOAD_TEMP_DIR, strerror(errno)); return NULL; } } - // verify that SIDELOAD_TEMP_DIR is exactly what we expect: a - // directory, owned by root, readable and writable only by root. struct stat st; - if (stat(SIDELOAD_TEMP_DIR, &st) != 0) { - LOGE("failed to stat %s (%s)\n", SIDELOAD_TEMP_DIR, strerror(errno)); + if (stat(copy_path, &st) != 0) { + LOGE("failed to stat %s (%s)\n", copy_path, strerror(errno)); return NULL; } if (!S_ISDIR(st.st_mode)) { - LOGE("%s isn't a directory\n", SIDELOAD_TEMP_DIR); + LOGE("%s isn't a directory\n", copy_path); return NULL; } if ((st.st_mode & 0777) != 0700) { - LOGE("%s has perms %o\n", SIDELOAD_TEMP_DIR, st.st_mode); + LOGE("%s has perms %o\n", copy_path, st.st_mode); return NULL; } if (st.st_uid != 0) { - LOGE("%s owned by %lu; not root\n", SIDELOAD_TEMP_DIR, st.st_uid); + LOGE("%s owned by %lu; not root\n", copy_path, st.st_uid); return NULL; } - char copy_path[PATH_MAX]; - strcpy(copy_path, SIDELOAD_TEMP_DIR); strcat(copy_path, "/package.zip"); char* buffer = malloc(BUFSIZ); @@ -382,7 +400,10 @@ copy_sideloaded_package(const char* original_path) { return NULL; } - return strdup(copy_path); + char* copy_root_path = malloc(strlen(SIDELOAD_TEMP_DIR) + 20); + strcpy(copy_root_path, SIDELOAD_TEMP_DIR); + strcat(copy_root_path, "/package.zip"); + return copy_root_path; } static char** @@ -455,14 +476,15 @@ static int compare_string(const void* a, const void* b) { } static int -sdcard_directory(const char* path) { +sdcard_directory(const char* root_path) { const char* MENU_HEADERS[] = { "Choose a package to install:", - path, + root_path, "", NULL }; DIR* d; struct dirent* de; - d = opendir(path); + char path[PATH_MAX]; + d = opendir(translate_root_path(root_path, path, sizeof(path))); if (d == NULL) { LOGE("error opening %s: %s\n", path, strerror(errno)); return 0; @@ -535,28 +557,20 @@ sdcard_directory(const char* path) { } else if (item[item_len-1] == '/') { // recurse down into a subdirectory char new_path[PATH_MAX]; - strlcpy(new_path, path, PATH_MAX); - strlcat(new_path, "/", PATH_MAX); + strlcpy(new_path, root_path, PATH_MAX); strlcat(new_path, item, PATH_MAX); - new_path[strlen(new_path)-1] = '\0'; // truncate the trailing '/' result = sdcard_directory(new_path); if (result >= 0) break; } else { // selected a zip file: attempt to install it, and return // the status to the caller. char new_path[PATH_MAX]; - strlcpy(new_path, path, PATH_MAX); + strlcpy(new_path, root_path, PATH_MAX); strlcat(new_path, item, PATH_MAX); - ui_print("\n-- Install %s ...\n", path); + ui_print("\n-- Install %s ...\n", new_path); set_sdcard_update_bootloader_message(); - char* copy = copy_sideloaded_package(new_path); - if (copy) { - result = install_package(copy); - free(copy); - } else { - result = INSTALL_ERROR; - } + result = install_package(new_path); break; } } while (true); @@ -603,8 +617,8 @@ wipe_data(int confirm) { ui_print("\n-- Wiping data...\n"); device_wipe_data(); - erase_volume("/data"); - erase_volume("/cache"); + erase_root("DATA:"); + erase_root("CACHE:"); ui_print("Data wipe complete.\n"); } @@ -634,7 +648,7 @@ prompt_and_wait() { case ITEM_WIPE_CACHE: ui_print("\n-- Wiping cache...\n"); - erase_volume("/cache"); + erase_root("CACHE:"); ui_print("Cache wipe complete.\n"); if (!ui_text_visible()) return; break; @@ -672,7 +686,6 @@ main(int argc, char **argv) { printf("Starting recovery on %s", ctime(&start)); ui_init(); - load_volume_table(); get_args(&argc, &argv); int previous_runs = 0; @@ -733,10 +746,10 @@ main(int argc, char **argv) { } if (status != INSTALL_ERROR) { - if (erase_volume("/data")) { + if (erase_root("DATA:")) { ui_print("Data wipe failed.\n"); status = INSTALL_ERROR; - } else if (erase_volume("/cache")) { + } else if (erase_root("CACHE:")) { ui_print("Cache wipe failed.\n"); status = INSTALL_ERROR; } else if ((encrypted_fs_data.mode == MODE_ENCRYPTED_FS_ENABLED) && @@ -753,11 +766,11 @@ main(int argc, char **argv) { if (status != INSTALL_SUCCESS) ui_print("Installation aborted.\n"); } else if (wipe_data) { if (device_wipe_data()) status = INSTALL_ERROR; - if (erase_volume("/data")) status = INSTALL_ERROR; - if (wipe_cache && erase_volume("/cache")) status = INSTALL_ERROR; + if (erase_root("DATA:")) status = INSTALL_ERROR; + if (wipe_cache && erase_root("CACHE:")) status = INSTALL_ERROR; if (status != INSTALL_SUCCESS) ui_print("Data wipe failed.\n"); } else if (wipe_cache) { - if (wipe_cache && erase_volume("/cache")) status = INSTALL_ERROR; + if (wipe_cache && erase_root("CACHE:")) status = INSTALL_ERROR; if (status != INSTALL_SUCCESS) ui_print("Cache wipe failed.\n"); } else { status = INSTALL_ERROR; // No command specified @@ -767,7 +780,7 @@ main(int argc, char **argv) { if (status != INSTALL_SUCCESS || ui_text_visible()) { // Mount the sdcard when the menu is enabled so you can "adb // push" packages to the sdcard and immediately install them. - ensure_path_mounted(SDCARD_ROOT); + ensure_root_path_mounted(SDCARD_ROOT); prompt_and_wait(); } diff --git a/recovery_ui.h b/recovery_ui.h index e451bdfa2..77ce7f93d 100644 --- a/recovery_ui.h +++ b/recovery_ui.h @@ -66,7 +66,8 @@ int device_wipe_data(); #define SELECT_ITEM -4 #define ITEM_REBOOT 0 -#define ITEM_APPLY_SDCARD 1 +#define ITEM_APPLY_EXT 1 +#define ITEM_APPLY_SDCARD 1 // historical synonym for ITEM_APPLY_EXT #define ITEM_WIPE_DATA 2 #define ITEM_WIPE_CACHE 3 @@ -20,213 +20,330 @@ #include <sys/stat.h> #include <sys/types.h> #include <unistd.h> -#include <ctype.h> #include "mtdutils/mtdutils.h" #include "mtdutils/mounts.h" + +#ifdef USE_EXT4 +#include "make_ext4fs.h" +#endif + +#include "minzip/Zip.h" #include "roots.h" #include "common.h" -#include "make_ext4fs.h" -static int num_volumes = 0; -static Volume* device_volumes = NULL; +typedef struct { + const char *name; + const char *device; + const char *device2; // If the first one doesn't work (may be NULL) + const char *partition_name; + const char *mount_point; + const char *filesystem; +} RootInfo; -void load_volume_table() { - int alloc = 2; - device_volumes = malloc(alloc * sizeof(Volume)); +/* Canonical pointers. +xxx may just want to use enums + */ +static const char g_mtd_device[] = "@\0g_mtd_device"; +static const char g_raw[] = "@\0g_raw"; +static const char g_package_file[] = "@\0g_package_file"; +static const char g_ramdisk[] = "@\0g_ramdisk"; - FILE* fstab = fopen("/etc/recovery.fstab", "r"); - if (fstab == NULL) { - LOGE("failed to open /etc/recovery.fstab (%s)\n", strerror(errno)); - return; - } +static RootInfo g_roots[] = { + { "SDCARD:", "/dev/block/mmcblk0p1", "/dev/block/mmcblk0", NULL, "/sdcard", "vfat" }, + { "TMP:", NULL, NULL, NULL, "/tmp", g_ramdisk }, - char buffer[1024]; - int i; - while (fgets(buffer, sizeof(buffer)-1, fstab)) { - for (i = 0; buffer[i] && isspace(buffer[i]); ++i); - if (buffer[i] == '\0' || buffer[i] == '#') continue; +#ifdef USE_EXT4 + { "CACHE:", "/dev/block/platform/sdhci-tegra.3/by-name/cache", NULL, NULL, + "/cache", "ext4" }, + { "DATA:", "/dev/block/platform/sdhci-tegra.3/by-name/userdata", NULL, NULL, + "/data", "ext4" }, + { "EXT:", "/dev/block/sda1", NULL, NULL, "/sdcard", "vfat" }, +#else + { "CACHE:", g_mtd_device, NULL, "cache", "/cache", "yaffs2" }, + { "DATA:", g_mtd_device, NULL, "userdata", "/data", "yaffs2" }, + { "EXT:", "/dev/block/mmcblk0p1", "/dev/block/mmcblk0", NULL, "/sdcard", "vfat" }, + { "MISC:", g_mtd_device, NULL, "misc", NULL, g_raw }, +#endif - char* original = strdup(buffer); +}; +#define NUM_ROOTS (sizeof(g_roots) / sizeof(g_roots[0])) - char* mount_point = strtok(buffer+i, " \t\n"); - char* fs_type = strtok(NULL, " \t\n"); - char* device = strtok(NULL, " \t\n"); - // lines may optionally have a second device, to use if - // mounting the first one fails. - char* device2 = strtok(NULL, " \t\n"); +static const RootInfo * +get_root_info_for_path(const char *root_path) +{ + const char *c; - if (mount_point && fs_type && device) { - while (num_volumes >= alloc) { - alloc *= 2; - device_volumes = realloc(device_volumes, alloc*sizeof(Volume)); - } - device_volumes[num_volumes].mount_point = strdup(mount_point); - device_volumes[num_volumes].fs_type = strdup(fs_type); - device_volumes[num_volumes].device = strdup(device); - device_volumes[num_volumes].device2 = - device2 ? strdup(device2) : NULL; - ++num_volumes; - } else { - LOGE("skipping malformed recovery.fstab line: %s\n", original); + /* Find the first colon. + */ + c = root_path; + while (*c != '\0' && *c != ':') { + c++; + } + if (*c == '\0') { + return NULL; + } + size_t len = c - root_path + 1; + size_t i; + for (i = 0; i < NUM_ROOTS; i++) { + RootInfo *info = &g_roots[i]; + if (strncmp(info->name, root_path, len) == 0) { + return info; } - free(original); } + return NULL; +} - fclose(fstab); +/* Takes a string like "SYSTEM:lib" and turns it into a string + * like "/system/lib". The translated path is put in out_buf, + * and out_buf is returned if the translation succeeded. + */ +const char * +translate_root_path(const char *root_path, char *out_buf, size_t out_buf_len) +{ + if (out_buf_len < 1) { + return NULL; + } + + const RootInfo *info = get_root_info_for_path(root_path); + if (info == NULL || info->mount_point == NULL) { + return NULL; + } - printf("recovery filesystem table\n"); - printf("=========================\n"); - for (i = 0; i < num_volumes; ++i) { - Volume* v = &device_volumes[i]; - printf(" %d %s %s %s %s\n", i, v->mount_point, v->fs_type, - v->device, v->device2); + /* Find the relative part of the non-root part of the path. + */ + root_path += strlen(info->name); // strip off the "root:" + while (*root_path != '\0' && *root_path == '/') { + root_path++; } - printf("\n"); + + size_t mp_len = strlen(info->mount_point); + size_t rp_len = strlen(root_path); + if (mp_len + 1 + rp_len + 1 > out_buf_len) { + return NULL; + } + + /* Glue the mount point to the relative part of the path. + */ + memcpy(out_buf, info->mount_point, mp_len); + if (out_buf[mp_len - 1] != '/') out_buf[mp_len++] = '/'; + + memcpy(out_buf + mp_len, root_path, rp_len); + out_buf[mp_len + rp_len] = '\0'; + + return out_buf; } -Volume* volume_for_path(const char* path) { - int i; - for (i = 0; i < num_volumes; ++i) { - Volume* v = device_volumes+i; - int len = strlen(v->mount_point); - if (strncmp(path, v->mount_point, len) == 0 && - (path[len] == '\0' || path[len] == '/')) { - return v; - } +static int +internal_root_mounted(const RootInfo *info) +{ + if (info->mount_point == NULL) { + return -1; } - return NULL; + if (info->filesystem == g_ramdisk) { + return 0; + } + + /* See if this root is already mounted. + */ + int ret = scan_mounted_volumes(); + if (ret < 0) { + return ret; + } + const MountedVolume *volume; + volume = find_mounted_volume_by_mount_point(info->mount_point); + if (volume != NULL) { + /* It's already mounted. + */ + return 0; + } + return -1; } -int ensure_path_mounted(const char* path) { - Volume* v = volume_for_path(path); - if (v == NULL) { - LOGE("unknown volume for path [%s]\n", path); +int +is_root_path_mounted(const char *root_path) +{ + const RootInfo *info = get_root_info_for_path(root_path); + if (info == NULL) { return -1; } + return internal_root_mounted(info) >= 0; +} - int result; - result = scan_mounted_volumes(); - if (result < 0) { - LOGE("failed to scan mounted volumes\n"); +int +ensure_root_path_mounted(const char *root_path) +{ + const RootInfo *info = get_root_info_for_path(root_path); + if (info == NULL) { return -1; } - const MountedVolume* mv = - find_mounted_volume_by_mount_point(v->mount_point); - if (mv) { - // volume is already mounted + int ret = internal_root_mounted(info); + if (ret >= 0) { + /* It's already mounted. + */ return 0; } - mkdir(v->mount_point, 0755); // in case it doesn't already exist - - if (strcmp(v->fs_type, "yaffs2") == 0) { - // mount an MTD partition as a YAFFS2 filesystem. + /* It's not mounted. + */ + if (info->device == g_mtd_device) { + if (info->partition_name == NULL) { + return -1; + } +//TODO: make the mtd stuff scan once when it needs to mtd_scan_partitions(); - const MtdPartition* partition; - partition = mtd_find_partition_by_name(v->device); + const MtdPartition *partition; + partition = mtd_find_partition_by_name(info->partition_name); if (partition == NULL) { - LOGE("failed to find \"%s\" partition to mount at \"%s\"\n", - v->device, v->mount_point); return -1; } - return mtd_mount_partition(partition, v->mount_point, v->fs_type, 0); - } else if (strcmp(v->fs_type, "ext4") == 0 || - strcmp(v->fs_type, "vfat") == 0) { - result = mount(v->device, v->mount_point, v->fs_type, - MS_NOATIME | MS_NODEV | MS_NODIRATIME, ""); - if (result == 0) return 0; - - if (v->device2) { - LOGW("failed to mount %s (%s); trying %s\n", - v->device, strerror(errno), v->device2); - result = mount(v->device2, v->mount_point, v->fs_type, - MS_NOATIME | MS_NODEV | MS_NODIRATIME, ""); - if (result == 0) return 0; - } + return mtd_mount_partition(partition, info->mount_point, + info->filesystem, 0); + } - LOGE("failed to mount %s (%s)\n", v->mount_point, strerror(errno)); + if (info->device == NULL || info->mount_point == NULL || + info->filesystem == NULL || + info->filesystem == g_raw || + info->filesystem == g_package_file) { return -1; } - LOGE("unknown fs_type \"%s\" for %s\n", v->fs_type, v->mount_point); - return -1; + mkdir(info->mount_point, 0755); // in case it doesn't already exist + if (mount(info->device, info->mount_point, info->filesystem, + MS_NOATIME | MS_NODEV | MS_NODIRATIME, "")) { + if (info->device2 == NULL) { + LOGE("Can't mount %s\n(%s)\n", info->device, strerror(errno)); + return -1; + } else if (mount(info->device2, info->mount_point, info->filesystem, + MS_NOATIME | MS_NODEV | MS_NODIRATIME, "")) { + LOGE("Can't mount %s (or %s)\n(%s)\n", + info->device, info->device2, strerror(errno)); + return -1; + } + } + return 0; } -int ensure_path_unmounted(const char* path) { - Volume* v = volume_for_path(path); - if (v == NULL) { - LOGE("unknown volume for path [%s]\n", path); +int +ensure_root_path_unmounted(const char *root_path) +{ + const RootInfo *info = get_root_info_for_path(root_path); + if (info == NULL) { return -1; } - - int result; - result = scan_mounted_volumes(); - if (result < 0) { - LOGE("failed to scan mounted volumes\n"); - return -1; + if (info->mount_point == NULL) { + /* This root can't be mounted, so by definition it isn't. + */ + return 0; } +//xxx if TMP: (or similar) just return error - const MountedVolume* mv = - find_mounted_volume_by_mount_point(v->mount_point); - if (mv == NULL) { - // volume is already unmounted + /* See if this root is already mounted. + */ + int ret = scan_mounted_volumes(); + if (ret < 0) { + return ret; + } + const MountedVolume *volume; + volume = find_mounted_volume_by_mount_point(info->mount_point); + if (volume == NULL) { + /* It's not mounted. + */ return 0; } - return unmount_mounted_volume(mv); + return unmount_mounted_volume(volume); } -int format_volume(const char* volume) { - Volume* v = volume_for_path(volume); - if (v == NULL) { - LOGE("unknown volume \"%s\"\n", volume); - return -1; +const MtdPartition * +get_root_mtd_partition(const char *root_path) +{ + const RootInfo *info = get_root_info_for_path(root_path); + if (info == NULL || info->device != g_mtd_device || + info->partition_name == NULL) + { + return NULL; } - if (strcmp(v->mount_point, volume) != 0) { - LOGE("can't give path \"%s\" to format_volume\n", volume); + mtd_scan_partitions(); + return mtd_find_partition_by_name(info->partition_name); +} + +int +format_root_device(const char *root) +{ + /* Be a little safer here; require that "root" is just + * a device with no relative path after it. + */ + const char *c = root; + while (*c != '\0' && *c != ':') { + c++; + } + if (c[0] != ':' || c[1] != '\0') { + LOGW("format_root_device: bad root name \"%s\"\n", root); return -1; } - if (ensure_path_unmounted(volume) != 0) { - LOGE("format_volume failed to unmount \"%s\"\n", v->mount_point); + const RootInfo *info = get_root_info_for_path(root); + if (info == NULL || info->device == NULL) { + LOGW("format_root_device: can't resolve \"%s\"\n", root); return -1; } + if (info->mount_point != NULL) { + /* Don't try to format a mounted device. + */ + int ret = ensure_root_path_unmounted(root); + if (ret < 0) { + LOGW("format_root_device: can't unmount \"%s\"\n", root); + return ret; + } + } - if (strcmp(v->fs_type, "yaffs2") == 0 || strcmp(v->fs_type, "mtd") == 0) { + /* Format the device. + */ + if (info->device == g_mtd_device) { mtd_scan_partitions(); - const MtdPartition* partition = mtd_find_partition_by_name(v->device); + const MtdPartition *partition; + partition = mtd_find_partition_by_name(info->partition_name); if (partition == NULL) { - LOGE("format_volume: no MTD partition \"%s\"\n", v->device); + LOGW("format_root_device: can't find mtd partition \"%s\"\n", + info->partition_name); return -1; } - - MtdWriteContext *write = mtd_write_partition(partition); - if (write == NULL) { - LOGW("format_volume: can't open MTD \"%s\"\n", v->device); - return -1; - } else if (mtd_erase_blocks(write, -1) == (off_t) -1) { - LOGW("format_volume: can't erase MTD \"%s\"\n", v->device); - mtd_write_close(write); - return -1; - } else if (mtd_write_close(write)) { - LOGW("format_volume: can't close MTD \"%s\"\n", v->device); - return -1; + if (info->filesystem == g_raw || !strcmp(info->filesystem, "yaffs2")) { + MtdWriteContext *write = mtd_write_partition(partition); + if (write == NULL) { + LOGW("format_root_device: can't open \"%s\"\n", root); + return -1; + } else if (mtd_erase_blocks(write, -1) == (off_t) -1) { + LOGW("format_root_device: can't erase \"%s\"\n", root); + mtd_write_close(write); + return -1; + } else if (mtd_write_close(write)) { + LOGW("format_root_device: can't close \"%s\"\n", root); + return -1; + } else { + return 0; + } } - return 0; } - if (strcmp(v->fs_type, "ext4") == 0) { +#ifdef USE_EXT4 + if (strcmp(info->filesystem, "ext4") == 0) { + LOGW("starting to reformat ext4\n"); reset_ext4fs_info(); - int result = make_ext4fs(v->device, NULL, NULL, 0, 0, 0); + int result = make_ext4fs(info->device, NULL, NULL, 0, 0, 0); + LOGW("finished reformat ext4: result = %d\n", result); if (result != 0) { - LOGE("format_volume: make_extf4fs failed on %s\n", v->device); + LOGW("make_ext4fs failed: %d\n", result); return -1; } return 0; } +#endif + +//TODO: handle other device types (sdcard, etc.) - LOGE("format_volume: fs_type \"%s\" unsupported\n", v->fs_type); + LOGW("format_root_device: unknown device \"%s\"\n", root); return -1; } @@ -17,25 +17,33 @@ #ifndef RECOVERY_ROOTS_H_ #define RECOVERY_ROOTS_H_ -#include "common.h" +#include "minzip/Zip.h" +#include "mtdutils/mtdutils.h" -// Load and parse volume data from /etc/recovery.fstab. -void load_volume_table(); +/* Any of the "root_path" arguments can be paths with relative + * components, like "SYSTEM:a/b/c". + */ + +/* Takes a string like "SYSTEM:lib" and turns it into a string + * like "/system/lib". The translated path is put in out_buf, + * and out_buf is returned if the translation succeeded. + */ +const char *translate_root_path(const char *root_path, + char *out_buf, size_t out_buf_len); -// Return the Volume* record for this path (or NULL). -Volume* volume_for_path(const char* path); +/* Returns negative on error, positive if it's mounted, zero if it isn't. + */ +int is_root_path_mounted(const char *root_path); + +int ensure_root_path_mounted(const char *root_path); -// Make sure that the volume 'path' is on is mounted. Returns 0 on -// success (volume is mounted). -int ensure_path_mounted(const char* path); +int ensure_root_path_unmounted(const char *root_path); -// Make sure that the volume 'path' is on is mounted. Returns 0 on -// success (volume is unmounted); -int ensure_path_unmounted(const char* path); +const MtdPartition *get_root_mtd_partition(const char *root_path); -// Reformat the given volume (must be the mount point only, eg -// "/cache"), no paths permitted. Attempts to unmount the volume if -// it is mounted. -int format_volume(const char* volume); +/* "root" must be the exact name of the root; no relative path is permitted. + * If the named root is mounted, this will attempt to unmount it first. + */ +int format_root_device(const char *root); #endif // RECOVERY_ROOTS_H_ diff --git a/test_roots.c b/test_roots.c new file mode 100644 index 000000000..f49f55e21 --- /dev/null +++ b/test_roots.c @@ -0,0 +1,81 @@ +/* + * Copyright (C) 2007 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <sys/stat.h> +#include "roots.h" +#include "common.h" + +#define CANARY_FILE "/system/build.prop" +#define CANARY_FILE_ROOT_PATH "SYSTEM:build.prop" + +int +file_exists(const char *path) +{ + struct stat st; + int ret; + ret = stat(path, &st); + if (ret == 0) { + return S_ISREG(st.st_mode); + } + return 0; +} + +int +test_roots() +{ + int ret; + + /* Make sure that /system isn't mounted yet. + */ + if (file_exists(CANARY_FILE)) return -__LINE__; + if (is_root_path_mounted(CANARY_FILE_ROOT_PATH)) return -__LINE__; + + /* Try to mount the root. + */ + ret = ensure_root_path_mounted(CANARY_FILE_ROOT_PATH); + if (ret < 0) return -__LINE__; + + /* Make sure we can see the file now and that we know the root is mounted. + */ + if (!file_exists(CANARY_FILE)) return -__LINE__; + if (!is_root_path_mounted(CANARY_FILE_ROOT_PATH)) return -__LINE__; + + /* Make sure that the root path corresponds to the regular path. + */ + struct stat st1, st2; + char buf[128]; + const char *path = translate_root_path(CANARY_FILE_ROOT_PATH, + buf, sizeof(buf)); + if (path == NULL) return -__LINE__; + ret = stat(CANARY_FILE, &st1); + if (ret != 0) return -__LINE__; + ret = stat(path, &st2); + if (ret != 0) return -__LINE__; + if (st1.st_dev != st2.st_dev || st1.st_ino != st2.st_ino) return -__LINE__; + + /* Try to unmount the root. + */ + ret = ensure_root_path_unmounted(CANARY_FILE_ROOT_PATH); + if (ret < 0) return -__LINE__; + + /* Make sure that we can't see the file anymore and that + * we don't think the root is mounted. + */ + if (file_exists(CANARY_FILE)) return -__LINE__; + if (is_root_path_mounted(CANARY_FILE_ROOT_PATH)) return -__LINE__; + + return 0; +} diff --git a/updater/Android.mk b/updater/Android.mk index dcc6a49ab..e3d62bcbe 100644 --- a/updater/Android.mk +++ b/updater/Android.mk @@ -27,6 +27,7 @@ endif LOCAL_STATIC_LIBRARIES += $(TARGET_RECOVERY_UPDATER_LIBS) $(TARGET_RECOVERY_UPDATER_EXTRA_LIBS) LOCAL_STATIC_LIBRARIES += libapplypatch libedify libmtdutils libminzip libz LOCAL_STATIC_LIBRARIES += libmincrypt libbz +LOCAL_STATIC_LIBRARIES += libminelf LOCAL_STATIC_LIBRARIES += libcutils libstdc++ libc LOCAL_C_INCLUDES += $(LOCAL_PATH)/.. @@ -51,7 +52,7 @@ inc := $(call intermediates-dir-for,PACKAGING,updater_extensions)/register.inc junk := $(shell mkdir -p $(dir $(inc));\ echo $(TARGET_RECOVERY_UPDATER_LIBS) > $(inc).temp;\ - diff -q $(inc).temp $(inc).list || cp -f $(inc).temp $(inc).list) + diff -q $(inc).temp $(inc).list 2>/dev/null || cp -f $(inc).temp $(inc).list) $(inc) : libs := $(TARGET_RECOVERY_UPDATER_LIBS) $(inc) : $(inc).list diff --git a/updater/install.c b/updater/install.c index a596dc654..685b97906 100644 --- a/updater/install.c +++ b/updater/install.c @@ -25,12 +25,15 @@ #include <sys/types.h> #include <sys/wait.h> #include <unistd.h> +#include <fcntl.h> +#include <time.h> #include "cutils/misc.h" #include "cutils/properties.h" #include "edify/expr.h" #include "mincrypt/sha.h" #include "minzip/DirUtil.h" +#include "minelf/Retouch.h" #include "mtdutils/mounts.h" #include "mtdutils/mtdutils.h" #include "updater.h" @@ -429,6 +432,121 @@ Value* PackageExtractFileFn(const char* name, State* state, } +// retouch_binaries(lib1, lib2, ...) +Value* RetouchBinariesFn(const char* name, State* state, + int argc, Expr* argv[]) { + UpdaterInfo* ui = (UpdaterInfo*)(state->cookie); + + char **retouch_entries = ReadVarArgs(state, argc, argv); + if (retouch_entries == NULL) { + return StringValue(strdup("t")); + } + + // some randomness from the clock + int32_t override_base; + bool override_set = false; + int32_t random_base = time(NULL) % 1024; + // some more randomness from /dev/random + FILE *f_random = fopen("/dev/random", "rb"); + uint16_t random_bits = 0; + if (f_random != NULL) { + fread(&random_bits, 2, 1, f_random); + random_bits = random_bits % 1024; + fclose(f_random); + } + random_base = (random_base + random_bits) % 1024; + fprintf(ui->cmd_pipe, "ui_print Random offset: 0x%x\n", random_base); + fprintf(ui->cmd_pipe, "ui_print\n"); + + // make sure we never randomize to zero; this let's us look at a file + // and know for sure whether it has been processed; important in the + // crash recovery process + if (random_base == 0) random_base = 1; + // make sure our randomization is page-aligned + random_base *= -0x1000; + override_base = random_base; + + int i = 0; + bool success = true; + while (i < (argc - 1)) { + success = success && retouch_one_library(retouch_entries[i], + retouch_entries[i+1], + random_base, + override_set ? + NULL : + &override_base); + if (!success) + ErrorAbort(state, "Failed to retouch '%s'.", retouch_entries[i]); + + free(retouch_entries[i]); + free(retouch_entries[i+1]); + i += 2; + + if (success && override_base != 0) { + random_base = override_base; + override_set = true; + } + } + if (i < argc) { + free(retouch_entries[i]); + success = false; + } + free(retouch_entries); + + if (!success) { + Value* v = malloc(sizeof(Value)); + v->type = VAL_STRING; + v->data = NULL; + v->size = -1; + return v; + } + return StringValue(strdup("t")); +} + + +// undo_retouch_binaries(lib1, lib2, ...) +Value* UndoRetouchBinariesFn(const char* name, State* state, + int argc, Expr* argv[]) { + UpdaterInfo* ui = (UpdaterInfo*)(state->cookie); + + char **retouch_entries = ReadVarArgs(state, argc, argv); + if (retouch_entries == NULL) { + return StringValue(strdup("t")); + } + + int i = 0; + bool success = true; + int32_t override_base; + while (i < (argc-1)) { + success = success && retouch_one_library(retouch_entries[i], + retouch_entries[i+1], + 0 /* undo => offset==0 */, + NULL); + if (!success) + ErrorAbort(state, "Failed to unretouch '%s'.", + retouch_entries[i]); + + free(retouch_entries[i]); + free(retouch_entries[i+1]); + i += 2; + } + if (i < argc) { + free(retouch_entries[i]); + success = false; + } + free(retouch_entries); + + if (!success) { + Value* v = malloc(sizeof(Value)); + v->type = VAL_STRING; + v->data = NULL; + v->size = -1; + return v; + } + return StringValue(strdup("t")); +} + + // symlink target src1 src2 ... // unlinks any previously existing src1, src2, etc before creating symlinks. Value* SymlinkFn(const char* name, State* state, int argc, Expr* argv[]) { @@ -1007,7 +1125,7 @@ Value* Sha1CheckFn(const char* name, State* state, int argc, Expr* argv[]) { return args[i]; } -// Read a local file and return its contents (the char* returned +// Read a local file and return its contents (the Value* returned // is actually a FileContents*). Value* ReadFileFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc != 1) { @@ -1020,7 +1138,7 @@ Value* ReadFileFn(const char* name, State* state, int argc, Expr* argv[]) { v->type = VAL_BLOB; FileContents fc; - if (LoadFileContents(filename, &fc) != 0) { + if (LoadFileContents(filename, &fc, RETOUCH_DONT_MASK) != 0) { ErrorAbort(state, "%s() loading \"%s\" failed: %s", name, filename, strerror(errno)); free(filename); @@ -1047,6 +1165,8 @@ void RegisterInstallFunctions() { RegisterFunction("delete_recursive", DeleteFn); RegisterFunction("package_extract_dir", PackageExtractDirFn); RegisterFunction("package_extract_file", PackageExtractFileFn); + RegisterFunction("retouch_binaries", RetouchBinariesFn); + RegisterFunction("undo_retouch_binaries", UndoRetouchBinariesFn); RegisterFunction("symlink", SymlinkFn); RegisterFunction("set_perm", SetPermFn); RegisterFunction("set_perm_recursive", SetPermFn); |