summaryrefslogtreecommitdiffstats
path: root/applypatch/applypatch.cpp (unfollow)
Commit message (Collapse)AuthorFilesLines
2017-03-16applypatch: Drop the support for patching non-EMMC targets.Tao Bao1-277/+109
Patching regular files is used in file-based OTA only, which has become obsolete. Bug: 35853185 Test: Apply an incremental that patches the boot.img. Test: /system/bin/install-recovery.sh works. Test: recovery_component_test passes. Change-Id: Id44e42c4bc63f2162ecc8a6df1cb528b7ae6b0a9
2016-12-28applypatch: Don't expose FindMatchingPatch().Tao Bao1-1/+1
Test: make Change-Id: Ic77c4669574b6129e06aa6051804f419bcc8196c
2016-12-19Bugfix:updater always retry apply patch failed,when memcpy failed.katao1-0/+11
https://code.google.com/p/android/issues/detail?id=230602 On the second attempt, open the file with O_RDONLY, which causing a write failure。 Change-Id: If89165b8c7619fe25722073a46b3cc7c61530a71 Signed-off-by: katao <ustckato@gmail.com>
2016-11-28Remove ota_close(int) and ota_fclose(FILE*).Tao Bao1-2/+2
We should always use unique_fd or unique_file to hold the FD or FILE* pointer when opening via ota_(f)open functions. This CL avoids accidentally closing raw FDs or FILE* pointers that are managed by unique_fd/unique_file. Test: recovery_component_test passes. Change-Id: If58eb8b5c5da507563f85efd5d56276472a1c957
2016-11-23Add ota_close(unique_fd&) and ota_fclose(std::unique_ptr<FILE>&).Tao Bao1-7/+7
We were using the below sequence prior to the CL in [1]. unique_fd fd(ota_open(...)); ota_close(fd); fd.reset(ota_open(...)); fd.reset() may unintentionally close the newly opened FD if it has the same value as the early ota_open. The CL in [1] changed to "ota_close(fd.release())" to avoid the issue. This CL adds a new overloaded function ota_close(unique_fd&) to handle the release automatically. Similarly add ota_fclose(std::unique_ptr<FILE>&). [1] commit 48cf770471ef53fbf0a1837196220862a0bdb18d. Bug: 33034669 Test: recovery_component_test passes. Change-Id: Ief91edc590e95a7426e33364b28754173efb1056
2016-11-21applypatch: Release FD when explicitly calling close.Tao Bao1-5/+5
We use android::base::unique_fd() to avoid leaking FD. We also want to call close (or ota_close) to explicitly check the close result. When combining the two together, we need to release the unique_fd to avoid closing the same FD twice. Bug: 33034669 Test: Trigger applypatch with install-recovery.sh. Change-Id: I1a4f5d5fba7a23ef98d8bd7b7b07e87ae6f705c5
2016-11-17applypatch: Use unique_fd to avoid leaking FDs.Tao Bao1-282/+270
Add unique_fd that calls ota_close() instead of the default closer. Test: recovery_component_test passes. Test: Apply a package that calls apply_patch(). Change-Id: I0c19921731757934f76cf7d5215916673a8f2777
2016-11-17applypatch: Clean up LoadPartitionContents().Tao Bao1-283/+257
We don't need three vectors to sort the (size, SHA-1) pairs. Test: recovery_component_test passes. Test: Apply a package that calls apply_patch_check() to patch EMMC partitions. Change-Id: I4a6620630a6711f490822cf30f1e7fe5cea6ce49
2016-10-29applypatch: Switch the parameter of Value** to std::vector.Tao Bao1-8/+8
Test: Unit tests and install-recovery.sh pass on angler and dragon. Change-Id: I328e6554edca667cf850f5584ebf1ac211e3d4d1
2016-10-18Fix applypatch_check failure when applying update on anglerTianjie Xu1-1/+1
Applypatch_check should be skipped if no sha is specified. As the comments said: "It's okay to specify no sha1s; the check will pass if the LoadFileContents is successful. Useful for reading partitions, where the filename encodes the sha1s." Test: The update package applied on angler successfully. Bug: 32243751 Change-Id: Ib8f3dadf19f745c2dbd350d60da46ab12d75bc87
2016-10-15Change StringValue to use std::stringTianjie Xu1-16/+12
Changing the field of 'Value' in edify to std::string from char*. Meanwhile cleaning up the users of 'Value' and switching them to cpp style. Test: compontent tests passed. Bug: 31713288 Change-Id: Iec5a7d601b1e4ca40935bf1c70d325dafecec235
2016-09-01Check an edge case when read(2) returns 0Tianjie Xu1-0/+3
We might end up in an infinite loop if read(2) reached EOF unexpectedly. The problematic code in uncrypt mentioned in the bug has been fixed by switching to libbase ReadFully(). So I grepped through the recovery code and fixed some other occurences of the issue. Bug: 31073201 Change-Id: Ib867029158ba23363b8f85d61c25058a635c5a6b
2016-06-10Remove obsolete MTD support.Elliott Hughes1-207/+101
Bug: http://b/29250988 Change-Id: Ia97ba9082a165c37f74d6e1c3f71a367adc59945
2016-04-18Fix google-runtime-int warnings.Chih-Hung Hsieh1-1/+1
Bug: 28220065 Change-Id: Ida199c66692a1638be6990d583d2ed42583fb592
2016-03-19Control fault injection with config files instead of build flagsJed Estep1-1/+1
Bug: 27724259 Change-Id: I65bdefed10b3fb85fcb9e1147eaf0687d7d438f4
2016-03-17Revert "DO NOT MERGE Control fault injection with config files instead of build flags"Tao Bao1-1/+1
This reverts commit f73abf36bcfd433a3fdd1664a77e8e531346c1b1. Bug: 27724259 Change-Id: I1301fdad15650837d0b1febd0c3239134e2b94fb
2016-03-16DO NOT MERGE Control fault injection with config files instead of build flagsJed Estep1-1/+1
Bug: 26570379 Change-Id: I76109d09276d6e3ed3a32b6fedafb2582f545c0c
2016-03-11applypatch: use vector to store data in FileContents.Yabin Cui1-72/+33
Cherry pick this patch because it fixes the problem that a newed Value is released by free(). Bug: 26906416 Change-Id: Ib53b445cd415a1ed5e95733fbc4073f9ef4dbc43 (cherry picked from commit d6c93afcc28cc65217ba65eeb646009c4f15a2ad)
2016-03-03Fix the improper use of LOCAL_WHOLE_STATIC_LIBRARIES.Tao Bao1-1/+1
If two libraries both use LOCAL_WHOLE_STATIC_LIBRARIES and include a same library, there would be linking errors when generating a shared library (or executable) that depends on the two libraries both. Also clean up Android.mk files. Remove the "LOCAL_MODULE_TAGS := eng" line for the updater module. The module will then default to "optional" which won't be built until needed. Change-Id: I3ec227109b8aa744b7568e7f82f575aae3fe0e6f
2016-02-23Control fault injection with config files instead of build flagsJed Estep1-1/+1
Bug: 26570379 Change-Id: I76109d09276d6e3ed3a32b6fedafb2582f545c0c (cherry picked from commit d940887dde23597dc358b16d96ca48dd7480fee6)
2016-02-12applypatch: use vector to store data in FileContents.Yabin Cui1-71/+32
Bug: 26906416 Change-Id: Ib53b445cd415a1ed5e95733fbc4073f9ef4dbc43
2016-02-10IO fault injection for OTA packagesJed Estep1-26/+27
Bug: 25951086 Change-Id: I31c74c735eb7a975b7f41fe2b2eff042e5699c0c (cherry-picked from commit f1fc48c6e62cfee42d25ad12f443e22d50c15d0b)
2016-02-05applypatch: fix memory leaks reported by static analysis.Yabin Cui1-96/+83
Bug: 26906416 Change-Id: I163df5a8f3abda3ba5d4ed81dfc8567054eceb27
2016-02-04Switch from mincrypt to BoringSSL in applypatch and updater.Sen Jiang1-24/+23
Bug: 18790686 Change-Id: I7d2136fb39b2266f5ae5be24819c617b08a6c21e
2016-01-06IO fault injection for OTA packagesJed Estep1-24/+25
Bug: 25951086 Change-Id: I31c74c735eb7a975b7f41fe2b2eff042e5699c0c
2015-12-05Track rename from base/ to android-base/.Elliott Hughes1-1/+1
Change-Id: I354a8c424d340a9abe21fd716a4ee0d3b177d86f
2015-11-16applypatch: Fix the checking in WriteToPartition().Tao Bao1-3/+4
WriteToPartition() should consider a target name as valid if it contains multiple colons. But only the first two fields will be used. Bug: 22725128 Change-Id: I9d0236eaf97df9db9704acf53690d0ef85188e45 (cherry picked from commit 1ce7a2a63db84527e6195a6b123b1617f87c0f38)
2015-11-16applypatch: Support flash mode.Tao Bao1-12/+72
We may carry a full copy of recovery image in the /system, and use /system/bin/install-recovery.sh to install the recovery. This CL adds support to flash the recovery partition with the given image. Bug: 22641135 Change-Id: I345eaaee269f6443527f45a9be7e4ee47f6b2b39 (cherry picked from commit 68c5a6796737bb583a8bdfa4c9cd9c7f12ef4276)
2015-11-16applypatch: Refactor strtok().Tao Bao1-83/+53
We have android::base::Split() for the work. Change-Id: Ic529db42090f700e6455d465c8b84b7f52d34d63 (cherry picked from commit 0a47ce27de454e272a883a0c452fad627fd7f419)
2015-11-16DO NOT MERGE recovery: Switch applypatch/ and updater/ to cpp.Tao Bao1-89/+66
Mostly trivial changes to make cpp compiler happy. Change-Id: I69bd1d96fcccf506007f6144faf37e11cfba1270 (cherry picked from commit ba9a42aa7e10686de186636fe9fecbf8c4cc7c19)
2015-07-14recovery: Switch applypatch/ and updater/ to cpp.Tao Bao1-1048/+0
Mostly trivial changes to make cpp compiler happy. Change-Id: I1b0481465c67c3bbca35a839d0764190d84ff34e (cherry picked from commit ba9a42aa7e10686de186636fe9fecbf8c4cc7c19)
2015-07-14recovery: Switch applypatch/ and updater/ to cpp.Tao Bao1-1048/+0
Mostly trivial changes to make cpp compiler happy. Change-Id: I69bd1d96fcccf506007f6144faf37e11cfba1270
2015-06-26Use f_bavail to calculate free spacecaozhiyuan1-1/+1
Failures are seen on devices with Linux 3.10. And they are mainly due to this change: https://lwn.net/Articles/546473/ The blocks reserved in this change is not the same thing as what we think are reserved for common usage of root user. And this part is included in free blocks but not in available blocks. Bug: 22118089 Change-Id: I81c9531703298019a4fc11839f28d2cc8b9df34e (cherry picked from commit 3b4977638f48e59d23d7ea2bb6dde78552c257fb)
2015-05-29Use f_bavail to calculate free spacecaozhiyuan1-1/+1
Failures are seen on devices with Linux 3.10. And they are mainly due to this change: https://lwn.net/Articles/546473/ The blocks reserved in this change is not the same thing as what we think are reserved for common usage of root user. And this part is included in free blocks but not in available blocks. Change-Id: Ib29e12d775b86ef657c0af7fa7a944d2b1e12dc8
2015-04-30Check all lseek calls succeed.Elliott Hughes1-24/+27
Also add missing TEMP_FAILURE_RETRYs on read, write, and lseek. Bug: http://b/20625546 Change-Id: I03b198e11c1921b35518ee2dd005a7cfcf4fd94b (cherry picked from commit 7bad7c4646ee8fd8d6e6ed0ffd3ddbb0c1b41a2f)
2015-04-30Check all lseek calls succeed.Elliott Hughes1-24/+27
Also add missing TEMP_FAILURE_RETRYs on read, write, and lseek. Bug: http://b/20625546 Change-Id: I03b198e11c1921b35518ee2dd005a7cfcf4fd94b
2014-10-29Use more aggressive sync writing to applypatch.Michael Runge1-8/+36
We have seen cases where the boot partition is patched, but upon recovery the partition appears to be corrupted. Open up all patched files/partitions with O_SYNC, and do not ignore the errors from fsync/close operations. Bug: 18170529 Change-Id: I392ad0a321d937c4ad02eaeea9170be384a4744b
2014-08-20installer for new block OTA systemDoug Zongker1-3/+3
(Cherry-pick back from master.) Bug: 16984795 Change-Id: Ifa3d8345c5e2a0be86fb28faa080ca82592a96b4
2014-08-19installer for new block OTA systemDoug Zongker1-3/+3
Bug: 16984795 Change-Id: I90f958446baed83dec658de2430c8fc5e9c3047e
2014-03-14Recovery 64-bit compile issuesMark Salyzyn1-6/+6
Change-Id: I92d5abd1a628feab3b0246924fab7f97ba3b9d34
2014-02-14remove 'retouch' ASLR supportDoug Zongker1-27/+8
Older versions of android supported an ASLR system where binaries were randomly twiddled at OTA install time. Remove support for this; we now use the ASLR support in the linux kernel. Change-Id: I8348eb0d6424692668dc1a00e2416fbef6c158a2
2013-12-20fix unnecessarily slow writing of EMMC partitionsDoug Zongker1-15/+3
These were attempts to write partitions "conservatively" in hopes of fixing the problems with writing the radio partition on Nexus 4. They didn't work (a kernel patch was needed), but got left in. They make writing of partitions unnecessarily slow (ie, we really shouldn't need to sync() after every 4kb). Roll back most of them, but leave the verification read-back in. Change-Id: I94badc0979e88816c5aa0485f6316c02be69173c
2013-09-25verifier: update to support certificates using SHA-256Doug Zongker1-1/+1
(cherry picked from commit bac7fba02763ae5e78e8e4ba0bea727330ad953e) Change-Id: I01c38d7fea088622a8b0bbf2c833fa2d969417af
2013-07-11recovery: remove O_DIRECT, use O_SYNC onlyDoug Zongker1-2/+2
O_DIRECT writes fail with EINVAL due to alignment issues. Change-Id: If8cf38a636313e4f4b4e61e66287dc903c473e5b
2013-07-11recovery: more cargo-cult programmingDoug Zongker1-2/+2
Add O_DIRECT|O_SYNC when opening partitions for write. Change-Id: I9825ad8e60fba87e482f8abc5593d6f54a1e3a1c
2013-07-11recovery: sleep after writing partition and closing itDoug Zongker1-2/+7
Another speculative attempt to get everything we write actually stored to the device. Change-Id: Icf40b0741b4c535e55ea34848073a97d90dc0e70
2013-07-10recovery: sleep after writing partition and closing itDoug Zongker1-2/+7
Another speculative attempt to get everything we write actually stored to the device. Change-Id: Icf40b0741b4c535e55ea34848073a97d90dc0e70
2013-07-10recovery: write partitions more conservativelyDoug Zongker1-24/+46
Write and verify partitions using write(2) and read(2) rather than the stdio functions. Read and write in 4kb blocks. When writing, fsync() every 1MB. Bug: 9602014 Change-Id: Ie98ce38e857786fc0f4ebf36bb5ffc93b41bc96f
2013-07-10recovery: try to write EMMC partitions more reliablyDoug Zongker1-6/+72
Nexus 4 has flash errors that manifest during large writes (eg, of the radio partition). Writes of some blocks seem to be dropped silently, without any errors being returned to the user level. Make two changes to the partition-writing code: - break it up into 1MB writes instead of writing partitions with a single fwrite() call. Pause for 50ms in between every chunk. - read the partition back after writing and verify that we read what we wrote. Drop caches before reading so we (hopefully) are reading off the actual flash and not some cache. Neither of these should be necessary. Bug: 9602014 Change-Id: Ice2e24dd4c11f1a57968277b5eb1468c772f6f63
2013-07-09recovery: write partitions more conservativelyDoug Zongker1-24/+46
Write and verify partitions using write(2) and read(2) rather than the stdio functions. Read and write in 4kb blocks. When writing, fsync() every 1MB. Bug: 9602014 Change-Id: Ie98ce38e857786fc0f4ebf36bb5ffc93b41bc96f
2013-07-08recovery: try to write EMMC partitions more reliablyDoug Zongker1-6/+72
Nexus 4 has flash errors that manifest during large writes (eg, of the radio partition). Writes of some blocks seem to be dropped silently, without any errors being returned to the user level. Make two changes to the partition-writing code: - break it up into 1MB writes instead of writing partitions with a single fwrite() call. Pause for 50ms in between every chunk. - read the partition back after writing and verify that we read what we wrote. Drop caches before reading so we (hopefully) are reading off the actual flash and not some cache. Neither of these should be necessary. Bug: 9602014 Change-Id: Ice2e24dd4c11f1a57968277b5eb1468c772f6f63
2013-04-10verifier: update to support certificates using SHA-256Doug Zongker1-1/+1
Change-Id: Ifd5a29d459acf101311fa1c220f728c3d0ac2e4e
2012-10-19reduce some recovery loggingDoug Zongker1-6/+21
Make minzip log only a count of files when extracting, not individual filenames. Make patching only chatter about free space if there's not enough and compact the other messages. Only the last 8k of the recovery log gets uploaded; this makes it more likely that we will get all of it. Change-Id: I529cb4947fe2185df82b9da5fae450a7480dcecd
2012-08-21add bonus data feature to imgdiff/imgpatch/applypatchDoug Zongker1-5/+8
The bonus data option lets you give an additional blob of uncompressed data to be used when constructing a patch for chunk #1 of an image. The same blob must be available at patch time, and can be passed to the command-line applypatch tool (this feature is not accessible from edify scripts). This will be used to reduce the size of recovery-from-boot patches by storing parts of the recovery ramdisk (the UI images) on the system partition. Change-Id: Iac1959cdf7f5e4582f8d434e83456e483b64c02c
2012-06-27Add mode when open(O_CREAT) is used.Nick Kralevich1-2/+2
When creating a new file using open(..., O_CREAT), it is an error to fail to specify a creation mode. If a mode is not specified, a random stack provided value is used as the "mode". This will become a compile error in a future Android change. Change-Id: I73c1e1a39ca36bf01704b07302af4971d234b5a8
2012-02-28fix buildDoug Zongker1-1/+1
Change-Id: I44a75f5451af053778be299b23274ecce9b2db76
2012-02-28fix failure to free memoryDoug Zongker1-18/+44
The applypatch function is somewhat sloppy about freeing memory (since it was originally a standalone binary). Fix some of that. Change-Id: Ifd44d71ea189c0b5115493119fd57bc37533fd59
2010-09-15(cherry-pick) EMMC support in applypatchDoug Zongker1-102/+175
Let applypatch read and write EMMC partitions as well as MTD ones. This enables incremental updates that include boot image changes, as well as OTA of new recovery partitions. Change-Id: Ib1861219c7ca66dff29ad02d6a0a14e5f03eb4d8
2010-08-13fix bug in applying patchesDoug Zongker1-1/+1
When restarting a patch from crashing in the middle of a large file, we're not finding the correct patch to apply to the copy saved in cache. Change-Id: I41cb2b87d096bb7a28a10c4cf3902facd45d4c9d
2010-08-13remove shadowed variable declarationDoug Zongker1-1/+2
An accidental variable declaration ("int enough_space = ..." instead of "enough_space = " inside a block) shadowing the real one meant we were always using the copy-to-cache path for patching, even when not necessary. Remove it. Enforce an absolute minimum of free space as well, to avoid running into problems patching small files, now that the copy-to-cache path is (inadvertently) well-tested. Change-Id: Idb7d57241a9adcda2e11001fa44f0cd67ce40d19
2010-08-13remove shadowed variable declarationDoug Zongker1-1/+2
An accidental variable declaration ("int enough_space = ..." instead of "enough_space = " inside a block) shadowing the real one meant we were always using the copy-to-cache path for patching, even when not necessary. Remove it. Enforce an absolute minimum of free space as well, to avoid running into problems patching small files, now that the copy-to-cache path is (inadvertently) well-tested. Change-Id: Idb7d57241a9adcda2e11001fa44f0cd67ce40d19
2010-08-13fix bug in applying patchesDoug Zongker1-1/+1
When restarting a patch from crashing in the middle of a large file, we're not finding the correct patch to apply to the copy saved in cache. Change-Id: I41cb2b87d096bb7a28a10c4cf3902facd45d4c9d
2010-08-02Working ASLR implementationHristo Bojinov1-10/+32
Separate files for retouch functionality are in minelf/* ASLR for shared libraries is controlled by "-a" in ota_from_target_files. Binary files are self-contained. Retouch logic can recover from crashes. Signed-off-by: Hristo Bojinov <hristo@google.com> Change-Id: I76c596abf4febd68c14f9d807ac62e8751e0b1bd
2010-07-08EMMC support in applypatchDoug Zongker1-102/+175
Let applypatch read and write EMMC partitions as well as MTD ones. This enables incremental updates that include boot image changes, as well as OTA of new recovery partitions. Change-Id: I3766b9e77c639769ddf693b675da51d57f6e6b1d
2010-02-23refactor applypatch and friendsDoug Zongker1-722/+637
Change the applypatch function to take meaningful arguments instead of argc and argv. Move all the parsing of arguments into main.c (for the standalone binary) and into install.c (for the updater function). applypatch() takes patches as Value objects, so we can pass in blobs extracted from the package without ever writing them to temp files. The patching code is changed to read the patch from memory instead of a file. A bunch of compiler warnings (mostly about signed vs unsigned types) are fixed. Support for the IMGDIFF1 format is dropped. (We've been generating IMGDIFF2 packages for some time now.) Change-Id: I217563c500012750f27110db821928a06211323f
2010-02-18relocate applypatch; add type system and new functions to edifyDoug Zongker1-0/+900
- Move applypatch to this package (from build). - Add a rudimentary type system to edify: instead of just returning a char*, functions now return a Value*, which is a struct that can carry different types of value (currently just STRING and BLOB). Convert all functions to this new scheme. - Change the one-argument form of package_extract_file to return a Value of the new BLOB type. - Add read_file() to load a local file and return a blob, and sha1_check() to test a blob (or string) against a set of possible sha1s. read_file() uses the file-loading code from applypatch so it can read MTD partitions as well. This is the start of better integration between applypatch and the rest of edify. b/2361316 - VZW Issue PP628: Continuous reset to Droid logo: framework-res.apk update failed (CR LIBtt59130) Change-Id: Ibd038074749a4d515de1f115c498c6c589ee91e5