| Commit message (Collapse) | Author | Files | Lines |
|---|
|
Save the target file to tempfile upon unittest failures so that we can
try to decompress the deflate chunks in the flaky unittests. And print
the zlib version in case that gets changed.
Also the SHA1 of the uncompressed data seems correct; so only keep the
final SHA1 to double confirm.
Bug: 67849209
Test: recovery_component_test
Change-Id: Ic6447c2b75c29379d6844cd23a0ff1c4305694a0
|
|
We have a general need for overriding more paths (e.g. "/tmp"), mostly
for testing purpose. Rename CacheLocation to Paths, and use that to
manage TEMPORARY_{INSTALL,LOG}_FILE.
Test: mmma -j bootable/recovery
Test: recovery_component_test
Change-Id: Ia8ce8e5695df37ca434f13ac4d3206de1e8e9396
|
|
The apply patch test should have a deterministic way to append patch
data. Add debug logs to dump the length and SHA1 of each step to further
track down the flakiness.
Also redirect the debug logging to stdout in case the logcat becomes too
chatty.
Bug: 67849209
Test: Run recovery_component_test
Change-Id: I42bafef2d9dee599719ae57840b3d8c00d243ebd
|
|
As they're accepting the SinkFn callback, it makes more sense to leave
the work to their callers.
Test: mmma -j bootable/recovery
Test: Run recovery_component_test on marlin.
Test: No other active user of the two functions.
Change-Id: I8d67b38ce037925442296f136b483e0c71983777
|
|
After splitting the previously flaky
ApplyPatchModesTest#PatchModeEmmcTarget tests,
PatchModeEmmcTargetWithMultiplePatches now becomes the sole victim. This
CL dumps additional info to narrow down the cause.
Bug: 67849209
Test: `recovery_component_test` on marlin.
Test: It dumps additional info after using corrupt bonus.file.
Change-Id: Ic5436de457cc882a51d03f49d5cee70077f7d3df
|
|
We set the limit of the max stash size to 80% of cache size. But the
cache space can still be insufficient for the update if the log files
occupy a large chunk of /cache. So remove the old logs for now to make
room for the update.
Bug: 77528881
Test: unit tests pass
Change-Id: Ia8bcb0ace11f8164ad9290bfb360e08e31d282cb
|
|
This class allows us to set the following locations dynamically:
cache_temp_source, last_command_file, stash_directory_base.
In the updater's main function, we reset the values of these variables
to their default locations in /cache; while we can set them to temp
files in unit tests or host simulation.
Test: unit tests pass
Change-Id: I528652650caa41373617ab055d41b1f1a4ec0f87
|
|
When running the update simulation, we choose to skip the cache size
check for now due to the lack of "/cache" on host. And in later cls we
can implement a cache size estimator to make the check more constrained.
Also build the host version of support libraries.
Test: unit test pass
Change-Id: I3ed93c857fd02f7b62f5baba9130f75c3236e717
|
|
It used to keep track of the stat(2) info (e.g. st_mode/st_gid/st_uid)
while patching a file in file-based OTA.
Test: Build and use the new updater to apply an update on bullhead.
Change-Id: Ibf8f0f4b14298a9489bf24a2678bb279c5d9c8f3
|
|
It used to be "const Value*", but nullptr won't be a valid input.
Test: recovery_host_test; recovery_component_test
Change-Id: I904b5689ac3e64504088bf0544c9fb5d45a52243
|
|
We encountered segfaults in Imgdiff host tests due to the failure to
reset states of getopt. The problem can be solved by switching to use
bionic's gtest where a new process is forked for each test.
Also modify the recovery_component_test to make sure it runs in parallel.
Changes include:
1. Merge the writes to misc partition into one single test.
2. Change the hard coded location "/cache/saved.file" into a configurable
variable.
Bug: 67849209
Test: recovery tests pass
Change-Id: I165d313f32b83393fb7922c5078636ac40b50bc2
|
|
Also drop the "bootable/recovery" path in LOCAL_C_INCLUDES from
applypatch modules.
Test: lunch aosp_{angler,bullhead,fugu,dragon,sailfish}-userdebug;
mmma bootable/recovery
Change-Id: Idd602a796894f971ee4f8fa3eafe36c42d9de986
|
|
Test: mmma bootable/recovery
Change-Id: I3ceb72f703c7c2857d656c137d71baa1fccd8238
|
|
Test: mmma bootable/recovery system/update_engine
Test: recovery_component_test
Change-Id: I93c2caa87bf94a53509bb37f98f2c02bcadb6f5c
|
|
Mostly for applypatch family APIs like ApplyBSDiffPatch() and
ApplyImagePatch(). Changing to size_t doesn't indicate they would
necessarily work with very large size_t (e.g. > ssize_t), just
similar to write(2). But otherwise accepting negative length doesn't
make much sense.
Also change the return type of SinkFn from ssize_t to size_t. Callers
tell a successful sink by comparing the number of written bytes against
the desired value. Negative return values like -1 are not needed. This
also makes it consistent with bsdiff::bspatch interface.
Test: recovery_component_test
Test: Apply an incremental with the new updater.
Change-Id: I7ff1615203a5c9854134f75d019e266f4ea6e714
|
|
Patching regular files is used in file-based OTA only, which has become
obsolete.
Bug: 35853185
Test: Apply an incremental that patches the boot.img.
Test: /system/bin/install-recovery.sh works.
Test: recovery_component_test passes.
Change-Id: Id44e42c4bc63f2162ecc8a6df1cb528b7ae6b0a9
|
|
Test: make
Change-Id: Ic77c4669574b6129e06aa6051804f419bcc8196c
|
|
https://code.google.com/p/android/issues/detail?id=230602
On the second attempt, open the file with O_RDONLY,
which causing a write failure。
Change-Id: If89165b8c7619fe25722073a46b3cc7c61530a71
Signed-off-by: katao <ustckato@gmail.com>
|
|
We should always use unique_fd or unique_file to hold the FD or FILE*
pointer when opening via ota_(f)open functions.
This CL avoids accidentally closing raw FDs or FILE* pointers that are
managed by unique_fd/unique_file.
Test: recovery_component_test passes.
Change-Id: If58eb8b5c5da507563f85efd5d56276472a1c957
|
|
We were using the below sequence prior to the CL in [1].
unique_fd fd(ota_open(...));
ota_close(fd);
fd.reset(ota_open(...));
fd.reset() may unintentionally close the newly opened FD if it
has the same value as the early ota_open. The CL in [1] changed to
"ota_close(fd.release())" to avoid the issue. This CL adds a new
overloaded function ota_close(unique_fd&) to handle the release
automatically.
Similarly add ota_fclose(std::unique_ptr<FILE>&).
[1] commit 48cf770471ef53fbf0a1837196220862a0bdb18d.
Bug: 33034669
Test: recovery_component_test passes.
Change-Id: Ief91edc590e95a7426e33364b28754173efb1056
|
|
We use android::base::unique_fd() to avoid leaking FD. We also want to
call close (or ota_close) to explicitly check the close result. When
combining the two together, we need to release the unique_fd to avoid
closing the same FD twice.
Bug: 33034669
Test: Trigger applypatch with install-recovery.sh.
Change-Id: I1a4f5d5fba7a23ef98d8bd7b7b07e87ae6f705c5
|
|
Add unique_fd that calls ota_close() instead of the default closer.
Test: recovery_component_test passes.
Test: Apply a package that calls apply_patch().
Change-Id: I0c19921731757934f76cf7d5215916673a8f2777
|
|
We don't need three vectors to sort the (size, SHA-1) pairs.
Test: recovery_component_test passes.
Test: Apply a package that calls apply_patch_check() to patch EMMC
partitions.
Change-Id: I4a6620630a6711f490822cf30f1e7fe5cea6ce49
|
|
Test: Unit tests and install-recovery.sh pass on angler and dragon.
Change-Id: I328e6554edca667cf850f5584ebf1ac211e3d4d1
|
|
Applypatch_check should be skipped if no sha is specified. As the
comments said: "It's okay to specify no sha1s; the check will pass if
the LoadFileContents is successful. Useful for reading partitions,
where the filename encodes the sha1s."
Test: The update package applied on angler successfully.
Bug: 32243751
Change-Id: Ib8f3dadf19f745c2dbd350d60da46ab12d75bc87
|
|
Changing the field of 'Value' in edify to std::string from char*.
Meanwhile cleaning up the users of 'Value' and switching them to
cpp style.
Test: compontent tests passed.
Bug: 31713288
Change-Id: Iec5a7d601b1e4ca40935bf1c70d325dafecec235
|
|
We might end up in an infinite loop if read(2) reached EOF unexpectedly.
The problematic code in uncrypt mentioned in the bug has been fixed
by switching to libbase ReadFully(). So I grepped through the recovery
code and fixed some other occurences of the issue.
Bug: 31073201
Change-Id: Ib867029158ba23363b8f85d61c25058a635c5a6b
|
|
Bug: http://b/29250988
Change-Id: Ia97ba9082a165c37f74d6e1c3f71a367adc59945
|
|
Bug: 28220065
Change-Id: Ida199c66692a1638be6990d583d2ed42583fb592
|
|
Bug: 27724259
Change-Id: I65bdefed10b3fb85fcb9e1147eaf0687d7d438f4
|
|
This reverts commit f73abf36bcfd433a3fdd1664a77e8e531346c1b1.
Bug: 27724259
Change-Id: I1301fdad15650837d0b1febd0c3239134e2b94fb
|
|
Bug: 26570379
Change-Id: I76109d09276d6e3ed3a32b6fedafb2582f545c0c
|
|
Cherry pick this patch because it fixes the problem that
a newed Value is released by free().
Bug: 26906416
Change-Id: Ib53b445cd415a1ed5e95733fbc4073f9ef4dbc43
(cherry picked from commit d6c93afcc28cc65217ba65eeb646009c4f15a2ad)
|
|
If two libraries both use LOCAL_WHOLE_STATIC_LIBRARIES and include a same
library, there would be linking errors when generating a shared library
(or executable) that depends on the two libraries both.
Also clean up Android.mk files.
Remove the "LOCAL_MODULE_TAGS := eng" line for the updater module. The
module will then default to "optional" which won't be built until needed.
Change-Id: I3ec227109b8aa744b7568e7f82f575aae3fe0e6f
|
|
Bug: 26570379
Change-Id: I76109d09276d6e3ed3a32b6fedafb2582f545c0c
(cherry picked from commit d940887dde23597dc358b16d96ca48dd7480fee6)
|
|
Bug: 26570379
Change-Id: I76109d09276d6e3ed3a32b6fedafb2582f545c0c
|
|
Bug: 26906416
Change-Id: Ib53b445cd415a1ed5e95733fbc4073f9ef4dbc43
|
|
Bug: 25951086
Change-Id: I31c74c735eb7a975b7f41fe2b2eff042e5699c0c
(cherry-picked from commit f1fc48c6e62cfee42d25ad12f443e22d50c15d0b)
|
|
Bug: 26906416
Change-Id: I163df5a8f3abda3ba5d4ed81dfc8567054eceb27
|
|
Bug: 18790686
Change-Id: I7d2136fb39b2266f5ae5be24819c617b08a6c21e
|
|
Bug: 25951086
Change-Id: I31c74c735eb7a975b7f41fe2b2eff042e5699c0c
|
|
Change-Id: I354a8c424d340a9abe21fd716a4ee0d3b177d86f
|
|
WriteToPartition() should consider a target name as valid if it contains
multiple colons. But only the first two fields will be used.
Bug: 22725128
Change-Id: I9d0236eaf97df9db9704acf53690d0ef85188e45
(cherry picked from commit 1ce7a2a63db84527e6195a6b123b1617f87c0f38)
|
|
We may carry a full copy of recovery image in the /system, and use
/system/bin/install-recovery.sh to install the recovery. This CL adds
support to flash the recovery partition with the given image.
Bug: 22641135
Change-Id: I345eaaee269f6443527f45a9be7e4ee47f6b2b39
(cherry picked from commit 68c5a6796737bb583a8bdfa4c9cd9c7f12ef4276)
|
|
We have android::base::Split() for the work.
Change-Id: Ic529db42090f700e6455d465c8b84b7f52d34d63
(cherry picked from commit 0a47ce27de454e272a883a0c452fad627fd7f419)
|
|
Mostly trivial changes to make cpp compiler happy.
Change-Id: I69bd1d96fcccf506007f6144faf37e11cfba1270
(cherry picked from commit ba9a42aa7e10686de186636fe9fecbf8c4cc7c19)
|
|
Mostly trivial changes to make cpp compiler happy.
Change-Id: I1b0481465c67c3bbca35a839d0764190d84ff34e
(cherry picked from commit ba9a42aa7e10686de186636fe9fecbf8c4cc7c19)
|
|
Mostly trivial changes to make cpp compiler happy.
Change-Id: I69bd1d96fcccf506007f6144faf37e11cfba1270
|
|
Failures are seen on devices with
Linux 3.10. And they are mainly due to this change:
https://lwn.net/Articles/546473/
The blocks reserved in this change is not the same thing as what we
think are reserved for common usage of root user. And this part is
included in free blocks but not in available blocks.
Bug: 22118089
Change-Id: I81c9531703298019a4fc11839f28d2cc8b9df34e
(cherry picked from commit 3b4977638f48e59d23d7ea2bb6dde78552c257fb)
|
|
Failures are seen on devices with
Linux 3.10. And they are mainly due to this change:
https://lwn.net/Articles/546473/
The blocks reserved in this change is not the same thing as what we
think are reserved for common usage of root user. And this part is
included in free blocks but not in available blocks.
Change-Id: Ib29e12d775b86ef657c0af7fa7a944d2b1e12dc8
|
|
Also add missing TEMP_FAILURE_RETRYs on read, write, and lseek.
Bug: http://b/20625546
Change-Id: I03b198e11c1921b35518ee2dd005a7cfcf4fd94b
(cherry picked from commit 7bad7c4646ee8fd8d6e6ed0ffd3ddbb0c1b41a2f)
|
|
Also add missing TEMP_FAILURE_RETRYs on read, write, and lseek.
Bug: http://b/20625546
Change-Id: I03b198e11c1921b35518ee2dd005a7cfcf4fd94b
|
|
We have seen cases where the boot partition is patched, but upon
recovery the partition appears to be corrupted. Open up all
patched files/partitions with O_SYNC, and do not ignore the
errors from fsync/close operations.
Bug: 18170529
Change-Id: I392ad0a321d937c4ad02eaeea9170be384a4744b
|
|
(Cherry-pick back from master.)
Bug: 16984795
Change-Id: Ifa3d8345c5e2a0be86fb28faa080ca82592a96b4
|
|
Bug: 16984795
Change-Id: I90f958446baed83dec658de2430c8fc5e9c3047e
|
|
Change-Id: I92d5abd1a628feab3b0246924fab7f97ba3b9d34
|
|
Older versions of android supported an ASLR system where binaries were
randomly twiddled at OTA install time. Remove support for this; we
now use the ASLR support in the linux kernel.
Change-Id: I8348eb0d6424692668dc1a00e2416fbef6c158a2
|
|
These were attempts to write partitions "conservatively" in hopes of
fixing the problems with writing the radio partition on Nexus 4. They
didn't work (a kernel patch was needed), but got left in. They make
writing of partitions unnecessarily slow (ie, we really shouldn't need
to sync() after every 4kb). Roll back most of them, but leave the
verification read-back in.
Change-Id: I94badc0979e88816c5aa0485f6316c02be69173c
|
|
(cherry picked from commit bac7fba02763ae5e78e8e4ba0bea727330ad953e)
Change-Id: I01c38d7fea088622a8b0bbf2c833fa2d969417af
|
|
O_DIRECT writes fail with EINVAL due to alignment issues.
Change-Id: If8cf38a636313e4f4b4e61e66287dc903c473e5b
|
|
Add O_DIRECT|O_SYNC when opening partitions for write.
Change-Id: I9825ad8e60fba87e482f8abc5593d6f54a1e3a1c
|
|
Another speculative attempt to get everything we write actually stored
to the device.
Change-Id: Icf40b0741b4c535e55ea34848073a97d90dc0e70
|
|
Another speculative attempt to get everything we write actually stored
to the device.
Change-Id: Icf40b0741b4c535e55ea34848073a97d90dc0e70
|
|
Write and verify partitions using write(2) and read(2) rather than the
stdio functions. Read and write in 4kb blocks. When writing, fsync()
every 1MB.
Bug: 9602014
Change-Id: Ie98ce38e857786fc0f4ebf36bb5ffc93b41bc96f
|
|
Nexus 4 has flash errors that manifest during large writes (eg, of the
radio partition). Writes of some blocks seem to be dropped silently,
without any errors being returned to the user level.
Make two changes to the partition-writing code:
- break it up into 1MB writes instead of writing partitions with a
single fwrite() call. Pause for 50ms in between every chunk.
- read the partition back after writing and verify that we read what
we wrote. Drop caches before reading so we (hopefully) are reading
off the actual flash and not some cache.
Neither of these should be necessary.
Bug: 9602014
Change-Id: Ice2e24dd4c11f1a57968277b5eb1468c772f6f63
|
|
Write and verify partitions using write(2) and read(2) rather than the
stdio functions. Read and write in 4kb blocks. When writing, fsync()
every 1MB.
Bug: 9602014
Change-Id: Ie98ce38e857786fc0f4ebf36bb5ffc93b41bc96f
|
|
Nexus 4 has flash errors that manifest during large writes (eg, of the
radio partition). Writes of some blocks seem to be dropped silently,
without any errors being returned to the user level.
Make two changes to the partition-writing code:
- break it up into 1MB writes instead of writing partitions with a
single fwrite() call. Pause for 50ms in between every chunk.
- read the partition back after writing and verify that we read what
we wrote. Drop caches before reading so we (hopefully) are reading
off the actual flash and not some cache.
Neither of these should be necessary.
Bug: 9602014
Change-Id: Ice2e24dd4c11f1a57968277b5eb1468c772f6f63
|
|
Change-Id: Ifd5a29d459acf101311fa1c220f728c3d0ac2e4e
|
|
Make minzip log only a count of files when extracting, not individual
filenames. Make patching only chatter about free space if there's not
enough and compact the other messages.
Only the last 8k of the recovery log gets uploaded; this makes it more
likely that we will get all of it.
Change-Id: I529cb4947fe2185df82b9da5fae450a7480dcecd
|
|
The bonus data option lets you give an additional blob of uncompressed
data to be used when constructing a patch for chunk #1 of an image.
The same blob must be available at patch time, and can be passed to
the command-line applypatch tool (this feature is not accessible from
edify scripts).
This will be used to reduce the size of recovery-from-boot patches by
storing parts of the recovery ramdisk (the UI images) on the system
partition.
Change-Id: Iac1959cdf7f5e4582f8d434e83456e483b64c02c
|
|
When creating a new file using open(..., O_CREAT), it is an error
to fail to specify a creation mode. If a mode is not specified, a
random stack provided value is used as the "mode".
This will become a compile error in a future Android change.
Change-Id: I73c1e1a39ca36bf01704b07302af4971d234b5a8
|
|
Change-Id: I44a75f5451af053778be299b23274ecce9b2db76
|
|
The applypatch function is somewhat sloppy about freeing memory (since
it was originally a standalone binary). Fix some of that.
Change-Id: Ifd44d71ea189c0b5115493119fd57bc37533fd59
|
|
Let applypatch read and write EMMC partitions as well as MTD ones.
This enables incremental updates that include boot image changes, as
well as OTA of new recovery partitions.
Change-Id: Ib1861219c7ca66dff29ad02d6a0a14e5f03eb4d8
|
|
When restarting a patch from crashing in the middle of a large file,
we're not finding the correct patch to apply to the copy saved in
cache.
Change-Id: I41cb2b87d096bb7a28a10c4cf3902facd45d4c9d
|
|
An accidental variable declaration ("int enough_space = ..." instead
of "enough_space = " inside a block) shadowing the real one meant we
were always using the copy-to-cache path for patching, even when not
necessary. Remove it. Enforce an absolute minimum of free space as
well, to avoid running into problems patching small files, now that
the copy-to-cache path is (inadvertently) well-tested.
Change-Id: Idb7d57241a9adcda2e11001fa44f0cd67ce40d19
|
|
An accidental variable declaration ("int enough_space = ..." instead
of "enough_space = " inside a block) shadowing the real one meant we
were always using the copy-to-cache path for patching, even when not
necessary. Remove it. Enforce an absolute minimum of free space as
well, to avoid running into problems patching small files, now that
the copy-to-cache path is (inadvertently) well-tested.
Change-Id: Idb7d57241a9adcda2e11001fa44f0cd67ce40d19
|
|
When restarting a patch from crashing in the middle of a large file,
we're not finding the correct patch to apply to the copy saved in
cache.
Change-Id: I41cb2b87d096bb7a28a10c4cf3902facd45d4c9d
|
|
Separate files for retouch functionality are in minelf/*
ASLR for shared libraries is controlled by "-a" in ota_from_target_files.
Binary files are self-contained. Retouch logic can recover from crashes.
Signed-off-by: Hristo Bojinov <hristo@google.com>
Change-Id: I76c596abf4febd68c14f9d807ac62e8751e0b1bd
|
|
Let applypatch read and write EMMC partitions as well as MTD ones.
This enables incremental updates that include boot image changes, as
well as OTA of new recovery partitions.
Change-Id: I3766b9e77c639769ddf693b675da51d57f6e6b1d
|
|
Change the applypatch function to take meaningful arguments instead of
argc and argv. Move all the parsing of arguments into main.c (for the
standalone binary) and into install.c (for the updater function).
applypatch() takes patches as Value objects, so we can pass in blobs
extracted from the package without ever writing them to temp files.
The patching code is changed to read the patch from memory instead of
a file.
A bunch of compiler warnings (mostly about signed vs unsigned types)
are fixed.
Support for the IMGDIFF1 format is dropped. (We've been generating
IMGDIFF2 packages for some time now.)
Change-Id: I217563c500012750f27110db821928a06211323f
|
|
- Move applypatch to this package (from build).
- Add a rudimentary type system to edify: instead of just returning a
char*, functions now return a Value*, which is a struct that can
carry different types of value (currently just STRING and BLOB).
Convert all functions to this new scheme.
- Change the one-argument form of package_extract_file to return a
Value of the new BLOB type.
- Add read_file() to load a local file and return a blob, and
sha1_check() to test a blob (or string) against a set of possible
sha1s. read_file() uses the file-loading code from applypatch so it
can read MTD partitions as well.
This is the start of better integration between applypatch and the
rest of edify.
b/2361316 - VZW Issue PP628: Continuous reset to Droid logo:
framework-res.apk update failed (CR LIBtt59130)
Change-Id: Ibd038074749a4d515de1f115c498c6c589ee91e5
|
