diff options
| -rw-r--r-- | Android.mk | 4 | ||||
| -rw-r--r-- | install.cpp | 39 | ||||
| -rw-r--r-- | otautil/include/otautil/paths.h | 10 | ||||
| -rw-r--r-- | otautil/paths.cpp | 4 | ||||
| -rw-r--r-- | private/install.h | 18 | ||||
| -rw-r--r-- | tests/Android.mk | 4 | ||||
| -rw-r--r-- | tests/component/install_test.cpp | 174 | ||||
| -rw-r--r-- | updater_sample/Android.mk | 5 | ||||
| -rw-r--r-- | updater_sample/AndroidManifest.xml | 2 | ||||
| -rw-r--r-- | updater_sample/README.md | 82 | ||||
| -rw-r--r-- | updater_sample/proguard.flags | 24 | ||||
| -rw-r--r-- | updater_sample/tests/Android.mk | 6 | ||||
| -rw-r--r-- | updater_sample/tests/res/raw/update_config_002_stream.json | 2 | ||||
| -rw-r--r-- | updater_sample/tests/res/raw/update_config_003_nonstream.json | 2 |
14 files changed, 214 insertions, 162 deletions
diff --git a/Android.mk b/Android.mk index 24da8b28a..257564058 100644 --- a/Android.mk +++ b/Android.mk @@ -143,10 +143,6 @@ LOCAL_C_INCLUDES := \ LOCAL_CFLAGS := $(recovery_common_cflags) -ifeq ($(AB_OTA_UPDATER),true) - LOCAL_CFLAGS += -DAB_OTA_UPDATER=1 -endif - LOCAL_MODULE := librecovery LOCAL_STATIC_LIBRARIES := \ diff --git a/install.cpp b/install.cpp index a4c6986a6..800847fdb 100644 --- a/install.cpp +++ b/install.cpp @@ -45,6 +45,7 @@ #include <android-base/properties.h> #include <android-base/stringprintf.h> #include <android-base/strings.h> +#include <android-base/unique_fd.h> #include <vintf/VintfObjectRecovery.h> #include <ziparchive/zip_archive.h> @@ -124,11 +125,9 @@ static void read_source_target_build(ZipArchiveHandle zip, std::vector<std::stri } } -#ifdef AB_OTA_UPDATER - -// Parses the metadata of the OTA package in |zip| and checks whether we are -// allowed to accept this A/B package. Downgrading is not allowed unless -// explicitly enabled in the package and only for incremental packages. +// Parses the metadata of the OTA package in |zip| and checks whether we are allowed to accept this +// A/B package. Downgrading is not allowed unless explicitly enabled in the package and only for +// incremental packages. static int check_newer_ab_build(ZipArchiveHandle zip) { std::string metadata_str; if (!read_metadata_from_package(zip, &metadata_str)) { @@ -214,8 +213,7 @@ static int check_newer_ab_build(ZipArchiveHandle zip) { return 0; } -int update_binary_command(const std::string& package, ZipArchiveHandle zip, - const std::string& binary_path, int /* retry_count */, int status_fd, +int SetUpAbUpdateCommands(const std::string& package, ZipArchiveHandle zip, int status_fd, std::vector<std::string>* cmd) { CHECK(cmd != nullptr); int ret = check_newer_ab_build(zip); @@ -250,7 +248,7 @@ int update_binary_command(const std::string& package, ZipArchiveHandle zip, } long payload_offset = payload_entry.offset; *cmd = { - binary_path, + "/sbin/update_engine_sideload", "--payload=file://" + package, android::base::StringPrintf("--offset=%ld", payload_offset), "--headers=" + std::string(payload_properties.begin(), payload_properties.end()), @@ -259,14 +257,11 @@ int update_binary_command(const std::string& package, ZipArchiveHandle zip, return 0; } -#else // !AB_OTA_UPDATER - -int update_binary_command(const std::string& package, ZipArchiveHandle zip, - const std::string& binary_path, int retry_count, int status_fd, - std::vector<std::string>* cmd) { +int SetUpNonAbUpdateCommands(const std::string& package, ZipArchiveHandle zip, int retry_count, + int status_fd, std::vector<std::string>* cmd) { CHECK(cmd != nullptr); - // On traditional updates we extract the update binary from the package. + // In non-A/B updates we extract the update binary from the package. static constexpr const char* UPDATE_BINARY_NAME = "META-INF/com/google/android/update-binary"; ZipString binary_name(UPDATE_BINARY_NAME); ZipEntry binary_entry; @@ -275,15 +270,16 @@ int update_binary_command(const std::string& package, ZipArchiveHandle zip, return INSTALL_CORRUPT; } + const std::string binary_path = Paths::Get().temporary_update_binary(); unlink(binary_path.c_str()); - int fd = open(binary_path.c_str(), O_CREAT | O_WRONLY | O_TRUNC | O_CLOEXEC, 0755); + android::base::unique_fd fd( + open(binary_path.c_str(), O_CREAT | O_WRONLY | O_TRUNC | O_CLOEXEC, 0755)); if (fd == -1) { PLOG(ERROR) << "Failed to create " << binary_path; return INSTALL_ERROR; } int32_t error = ExtractEntryToFile(zip, &binary_entry, fd); - close(fd); if (error != 0) { LOG(ERROR) << "Failed to extract " << UPDATE_BINARY_NAME << ": " << ErrorCodeString(error); return INSTALL_ERROR; @@ -300,7 +296,6 @@ int update_binary_command(const std::string& package, ZipArchiveHandle zip, } return 0; } -#endif // !AB_OTA_UPDATER static void log_max_temperature(int* max_temperature, const std::atomic<bool>& logger_finished) { CHECK(max_temperature != nullptr); @@ -321,14 +316,10 @@ static int try_update_binary(const std::string& package, ZipArchiveHandle zip, b int pipefd[2]; pipe(pipefd); + bool is_ab = android::base::GetBoolProperty("ro.build.ab_update", false); std::vector<std::string> args; -#ifdef AB_OTA_UPDATER - int ret = update_binary_command(package, zip, "/sbin/update_engine_sideload", retry_count, - pipefd[1], &args); -#else - int ret = update_binary_command(package, zip, "/tmp/update-binary", retry_count, pipefd[1], - &args); -#endif + int ret = is_ab ? SetUpAbUpdateCommands(package, zip, pipefd[1], &args) + : SetUpNonAbUpdateCommands(package, zip, retry_count, pipefd[1], &args); if (ret) { close(pipefd[0]); close(pipefd[1]); diff --git a/otautil/include/otautil/paths.h b/otautil/include/otautil/paths.h index 39088f100..f95741a24 100644 --- a/otautil/include/otautil/paths.h +++ b/otautil/include/otautil/paths.h @@ -76,6 +76,13 @@ class Paths { temporary_log_file_ = log_file; } + std::string temporary_update_binary() const { + return temporary_update_binary_; + } + void set_temporary_update_binary(const std::string& update_binary) { + temporary_update_binary_ = update_binary; + } + private: Paths(); DISALLOW_COPY_AND_ASSIGN(Paths); @@ -103,6 +110,9 @@ class Paths { // Path to the temporary log file while under recovery. std::string temporary_log_file_; + + // Path to the temporary update binary while installing a non-A/B package. + std::string temporary_update_binary_; }; #endif // _OTAUTIL_PATHS_H_ diff --git a/otautil/paths.cpp b/otautil/paths.cpp index f08e51c7a..33ab4a5d4 100644 --- a/otautil/paths.cpp +++ b/otautil/paths.cpp @@ -23,6 +23,7 @@ constexpr const char kDefaultResourceDirectory[] = "/res/images"; constexpr const char kDefaultStashDirectoryBase[] = "/cache/recovery"; constexpr const char kDefaultTemporaryInstallFile[] = "/tmp/last_install"; constexpr const char kDefaultTemporaryLogFile[] = "/tmp/recovery.log"; +constexpr const char kDefaultTemporaryUpdateBinary[] = "/tmp/update-binary"; Paths& Paths::Get() { static Paths paths; @@ -36,4 +37,5 @@ Paths::Paths() resource_dir_(kDefaultResourceDirectory), stash_directory_base_(kDefaultStashDirectoryBase), temporary_install_file_(kDefaultTemporaryInstallFile), - temporary_log_file_(kDefaultTemporaryLogFile) {} + temporary_log_file_(kDefaultTemporaryLogFile), + temporary_update_binary_(kDefaultTemporaryUpdateBinary) {} diff --git a/private/install.h b/private/install.h index ef64bd41d..7fdc741d6 100644 --- a/private/install.h +++ b/private/install.h @@ -23,9 +23,17 @@ #include <ziparchive/zip_archive.h> -// Extract the update binary from the open zip archive |zip| located at |package| to |binary_path|. -// Store the command line that should be called into |cmd|. The |status_fd| is the file descriptor -// the child process should use to report back the progress of the update. -int update_binary_command(const std::string& package, ZipArchiveHandle zip, - const std::string& binary_path, int retry_count, int status_fd, +// Sets up the commands for a non-A/B update. Extracts the updater binary from the open zip archive +// |zip| located at |package|. Stores the command line that should be called into |cmd|. The +// |status_fd| is the file descriptor the child process should use to report back the progress of +// the update. +int SetUpNonAbUpdateCommands(const std::string& package, ZipArchiveHandle zip, int retry_count, + int status_fd, std::vector<std::string>* cmd); + +// Sets up the commands for an A/B update. Extracts the needed entries from the open zip archive +// |zip| located at |package|. Stores the command line that should be called into |cmd|. The +// |status_fd| is the file descriptor the child process should use to report back the progress of +// the update. Note that since this applies to the sideloading flow only, it takes one less +// parameter |retry_count| than the non-A/B version. +int SetUpAbUpdateCommands(const std::string& package, ZipArchiveHandle zip, int status_fd, std::vector<std::string>* cmd); diff --git a/tests/Android.mk b/tests/Android.mk index ff420668a..a9e64916f 100644 --- a/tests/Android.mk +++ b/tests/Android.mk @@ -72,10 +72,6 @@ LOCAL_CFLAGS := \ -Werror \ -D_FILE_OFFSET_BITS=64 -ifeq ($(AB_OTA_UPDATER),true) -LOCAL_CFLAGS += -DAB_OTA_UPDATER=1 -endif - LOCAL_MODULE := recovery_component_test LOCAL_COMPATIBILITY_SUITE := device-tests LOCAL_C_INCLUDES := bootable/recovery diff --git a/tests/component/install_test.cpp b/tests/component/install_test.cpp index d19d788e4..b9af0b18b 100644 --- a/tests/component/install_test.cpp +++ b/tests/component/install_test.cpp @@ -33,6 +33,7 @@ #include <ziparchive/zip_writer.h> #include "install.h" +#include "otautil/paths.h" #include "private/install.h" TEST(InstallTest, verify_package_compatibility_no_entry) { @@ -199,8 +200,73 @@ TEST(InstallTest, verify_package_compatibility_with_libvintf_system_manifest_xml CloseArchive(zip); } -#ifdef AB_OTA_UPDATER -static void VerifyAbUpdateBinaryCommand(const std::string& serialno, bool success = true) { +TEST(InstallTest, SetUpNonAbUpdateCommands) { + TemporaryFile temp_file; + FILE* zip_file = fdopen(temp_file.release(), "w"); + ZipWriter writer(zip_file); + static constexpr const char* UPDATE_BINARY_NAME = "META-INF/com/google/android/update-binary"; + ASSERT_EQ(0, writer.StartEntry(UPDATE_BINARY_NAME, kCompressStored)); + ASSERT_EQ(0, writer.FinishEntry()); + ASSERT_EQ(0, writer.Finish()); + ASSERT_EQ(0, fclose(zip_file)); + + ZipArchiveHandle zip; + ASSERT_EQ(0, OpenArchive(temp_file.path, &zip)); + int status_fd = 10; + std::string package = "/path/to/update.zip"; + TemporaryDir td; + std::string binary_path = std::string(td.path) + "/update_binary"; + Paths::Get().set_temporary_update_binary(binary_path); + std::vector<std::string> cmd; + ASSERT_EQ(0, SetUpNonAbUpdateCommands(package, zip, 0, status_fd, &cmd)); + ASSERT_EQ(4U, cmd.size()); + ASSERT_EQ(binary_path, cmd[0]); + ASSERT_EQ("3", cmd[1]); // RECOVERY_API_VERSION + ASSERT_EQ(std::to_string(status_fd), cmd[2]); + ASSERT_EQ(package, cmd[3]); + struct stat sb; + ASSERT_EQ(0, stat(binary_path.c_str(), &sb)); + ASSERT_EQ(static_cast<mode_t>(0755), sb.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO)); + + // With non-zero retry count. update_binary will be removed automatically. + cmd.clear(); + ASSERT_EQ(0, SetUpNonAbUpdateCommands(package, zip, 2, status_fd, &cmd)); + ASSERT_EQ(5U, cmd.size()); + ASSERT_EQ(binary_path, cmd[0]); + ASSERT_EQ("3", cmd[1]); // RECOVERY_API_VERSION + ASSERT_EQ(std::to_string(status_fd), cmd[2]); + ASSERT_EQ(package, cmd[3]); + ASSERT_EQ("retry", cmd[4]); + sb = {}; + ASSERT_EQ(0, stat(binary_path.c_str(), &sb)); + ASSERT_EQ(static_cast<mode_t>(0755), sb.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO)); + + CloseArchive(zip); +} + +TEST(InstallTest, SetUpNonAbUpdateCommands_MissingUpdateBinary) { + TemporaryFile temp_file; + FILE* zip_file = fdopen(temp_file.release(), "w"); + ZipWriter writer(zip_file); + // The archive must have something to be opened correctly. + ASSERT_EQ(0, writer.StartEntry("dummy_entry", 0)); + ASSERT_EQ(0, writer.FinishEntry()); + ASSERT_EQ(0, writer.Finish()); + ASSERT_EQ(0, fclose(zip_file)); + + // Missing update binary. + ZipArchiveHandle zip; + ASSERT_EQ(0, OpenArchive(temp_file.path, &zip)); + int status_fd = 10; + std::string package = "/path/to/update.zip"; + TemporaryDir td; + Paths::Get().set_temporary_update_binary(std::string(td.path) + "/update_binary"); + std::vector<std::string> cmd; + ASSERT_EQ(INSTALL_CORRUPT, SetUpNonAbUpdateCommands(package, zip, 0, status_fd, &cmd)); + CloseArchive(zip); +} + +static void VerifyAbUpdateCommands(const std::string& serialno, bool success = true) { TemporaryFile temp_file; FILE* zip_file = fdopen(temp_file.release(), "w"); ZipWriter writer(zip_file); @@ -235,73 +301,27 @@ static void VerifyAbUpdateBinaryCommand(const std::string& serialno, bool succes ASSERT_EQ(0, FindEntry(zip, payload_name, &payload_entry)); int status_fd = 10; std::string package = "/path/to/update.zip"; - std::string binary_path = "/sbin/update_engine_sideload"; std::vector<std::string> cmd; if (success) { - ASSERT_EQ(0, update_binary_command(package, zip, binary_path, 0, status_fd, &cmd)); + ASSERT_EQ(0, SetUpAbUpdateCommands(package, zip, status_fd, &cmd)); ASSERT_EQ(5U, cmd.size()); - ASSERT_EQ(binary_path, cmd[0]); + ASSERT_EQ("/sbin/update_engine_sideload", cmd[0]); ASSERT_EQ("--payload=file://" + package, cmd[1]); ASSERT_EQ("--offset=" + std::to_string(payload_entry.offset), cmd[2]); ASSERT_EQ("--headers=" + properties, cmd[3]); ASSERT_EQ("--status_fd=" + std::to_string(status_fd), cmd[4]); } else { - ASSERT_EQ(INSTALL_ERROR, update_binary_command(package, zip, binary_path, 0, status_fd, &cmd)); + ASSERT_EQ(INSTALL_ERROR, SetUpAbUpdateCommands(package, zip, status_fd, &cmd)); } CloseArchive(zip); } -#endif // AB_OTA_UPDATER -TEST(InstallTest, update_binary_command_smoke) { -#ifdef AB_OTA_UPDATER +TEST(InstallTest, SetUpAbUpdateCommands) { // Empty serialno will pass the verification. - VerifyAbUpdateBinaryCommand({}); -#else - TemporaryFile temp_file; - FILE* zip_file = fdopen(temp_file.release(), "w"); - ZipWriter writer(zip_file); - static constexpr const char* UPDATE_BINARY_NAME = "META-INF/com/google/android/update-binary"; - ASSERT_EQ(0, writer.StartEntry(UPDATE_BINARY_NAME, kCompressStored)); - ASSERT_EQ(0, writer.FinishEntry()); - ASSERT_EQ(0, writer.Finish()); - ASSERT_EQ(0, fclose(zip_file)); - - ZipArchiveHandle zip; - ASSERT_EQ(0, OpenArchive(temp_file.path, &zip)); - int status_fd = 10; - std::string package = "/path/to/update.zip"; - TemporaryDir td; - std::string binary_path = std::string(td.path) + "/update_binary"; - std::vector<std::string> cmd; - ASSERT_EQ(0, update_binary_command(package, zip, binary_path, 0, status_fd, &cmd)); - ASSERT_EQ(4U, cmd.size()); - ASSERT_EQ(binary_path, cmd[0]); - ASSERT_EQ("3", cmd[1]); // RECOVERY_API_VERSION - ASSERT_EQ(std::to_string(status_fd), cmd[2]); - ASSERT_EQ(package, cmd[3]); - struct stat sb; - ASSERT_EQ(0, stat(binary_path.c_str(), &sb)); - ASSERT_EQ(static_cast<mode_t>(0755), sb.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO)); - - // With non-zero retry count. update_binary will be removed automatically. - cmd.clear(); - ASSERT_EQ(0, update_binary_command(package, zip, binary_path, 2, status_fd, &cmd)); - ASSERT_EQ(5U, cmd.size()); - ASSERT_EQ(binary_path, cmd[0]); - ASSERT_EQ("3", cmd[1]); // RECOVERY_API_VERSION - ASSERT_EQ(std::to_string(status_fd), cmd[2]); - ASSERT_EQ(package, cmd[3]); - ASSERT_EQ("retry", cmd[4]); - sb = {}; - ASSERT_EQ(0, stat(binary_path.c_str(), &sb)); - ASSERT_EQ(static_cast<mode_t>(0755), sb.st_mode & (S_IRWXU | S_IRWXG | S_IRWXO)); - - CloseArchive(zip); -#endif // AB_OTA_UPDATER + VerifyAbUpdateCommands({}); } -TEST(InstallTest, update_binary_command_invalid) { -#ifdef AB_OTA_UPDATER +TEST(InstallTest, SetUpAbUpdateCommands_MissingPayloadPropertiesTxt) { TemporaryFile temp_file; FILE* zip_file = fdopen(temp_file.release(), "w"); ZipWriter writer(zip_file); @@ -328,60 +348,36 @@ TEST(InstallTest, update_binary_command_invalid) { ASSERT_EQ(0, OpenArchive(temp_file.path, &zip)); int status_fd = 10; std::string package = "/path/to/update.zip"; - std::string binary_path = "/sbin/update_engine_sideload"; - std::vector<std::string> cmd; - ASSERT_EQ(INSTALL_CORRUPT, update_binary_command(package, zip, binary_path, 0, status_fd, &cmd)); - CloseArchive(zip); -#else - TemporaryFile temp_file; - FILE* zip_file = fdopen(temp_file.release(), "w"); - ZipWriter writer(zip_file); - // The archive must have something to be opened correctly. - ASSERT_EQ(0, writer.StartEntry("dummy_entry", 0)); - ASSERT_EQ(0, writer.FinishEntry()); - ASSERT_EQ(0, writer.Finish()); - ASSERT_EQ(0, fclose(zip_file)); - - // Missing update binary. - ZipArchiveHandle zip; - ASSERT_EQ(0, OpenArchive(temp_file.path, &zip)); - int status_fd = 10; - std::string package = "/path/to/update.zip"; - TemporaryDir td; - std::string binary_path = std::string(td.path) + "/update_binary"; std::vector<std::string> cmd; - ASSERT_EQ(INSTALL_CORRUPT, update_binary_command(package, zip, binary_path, 0, status_fd, &cmd)); + ASSERT_EQ(INSTALL_CORRUPT, SetUpAbUpdateCommands(package, zip, status_fd, &cmd)); CloseArchive(zip); -#endif // AB_OTA_UPDATER } -#ifdef AB_OTA_UPDATER -TEST(InstallTest, update_binary_command_multiple_serialno) { +TEST(InstallTest, SetUpAbUpdateCommands_MultipleSerialnos) { std::string serialno = android::base::GetProperty("ro.serialno", ""); ASSERT_NE("", serialno); // Single matching serialno will pass the verification. - VerifyAbUpdateBinaryCommand(serialno); + VerifyAbUpdateCommands(serialno); static constexpr char alphabet[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; auto generator = []() { return alphabet[rand() % (sizeof(alphabet) - 1)]; }; // Generate 900 random serial numbers. - std::string random_serial; + std::string random_serialno; for (size_t i = 0; i < 900; i++) { - generate_n(back_inserter(random_serial), serialno.size(), generator); - random_serial.append("|"); + generate_n(back_inserter(random_serialno), serialno.size(), generator); + random_serialno.append("|"); } // Random serialnos should fail the verification. - VerifyAbUpdateBinaryCommand(random_serial, false); + VerifyAbUpdateCommands(random_serialno, false); - std::string long_serial = random_serial + serialno + "|"; + std::string long_serialno = random_serialno + serialno + "|"; for (size_t i = 0; i < 99; i++) { - generate_n(back_inserter(long_serial), serialno.size(), generator); - long_serial.append("|"); + generate_n(back_inserter(long_serialno), serialno.size(), generator); + long_serialno.append("|"); } // String with the matching serialno should pass the verification. - VerifyAbUpdateBinaryCommand(long_serial); + VerifyAbUpdateCommands(long_serialno); } -#endif // AB_OTA_UPDATER diff --git a/updater_sample/Android.mk b/updater_sample/Android.mk index 7662111b7..cff5b0c1f 100644 --- a/updater_sample/Android.mk +++ b/updater_sample/Android.mk @@ -18,11 +18,10 @@ LOCAL_PATH := $(call my-dir) include $(CLEAR_VARS) LOCAL_PACKAGE_NAME := SystemUpdaterSample -LOCAL_MODULE_TAGS := samples LOCAL_SDK_VERSION := system_current +LOCAL_PRIVILEGED_MODULE := true -# TODO: enable proguard and use proguard.flags file -LOCAL_PROGUARD_ENABLED := disabled +LOCAL_PROGUARD_FLAG_FILES := proguard.flags LOCAL_SRC_FILES := $(call all-java-files-under, src) diff --git a/updater_sample/AndroidManifest.xml b/updater_sample/AndroidManifest.xml index 4b4448438..18d8425e1 100644 --- a/updater_sample/AndroidManifest.xml +++ b/updater_sample/AndroidManifest.xml @@ -19,6 +19,8 @@ <uses-sdk android:minSdkVersion="27" android:targetSdkVersion="27" /> + <uses-permission android:name="android.permission.ACCESS_CACHE_FILESYSTEM" /> + <application android:icon="@mipmap/ic_launcher" android:label="@string/app_name" diff --git a/updater_sample/README.md b/updater_sample/README.md index 11b55eb91..f6a2a044b 100644 --- a/updater_sample/README.md +++ b/updater_sample/README.md @@ -31,7 +31,7 @@ The directory can be found in logs or on the UI. In most cases it should be loca `/data/user/0/com.example.android.systemupdatersample/files/configs/`. SystemUpdaterSample app downloads OTA package from `url`. In this sample app -`url` is expected to point to file system, e.g. `file:///data/sample-builds/ota-002.zip`. +`url` is expected to point to file system, e.g. `file:///data/my-sample-ota-builds-dir/ota-002.zip`. If `ab_install_type` is `NON_STREAMING` then app checks if `url` starts with `file://` and passes `url` to the `update_engine`. @@ -52,19 +52,6 @@ Config files can be generated using `tools/gen_update_config.py`. Running `./tools/gen_update_config.py --help` shows usage of the script. -## Running on a device - -The commands expected to be run from `$ANDROID_BUILD_TOP` and for demo -purpose only. - -1. Compile the app `$ mmma bootable/recovery/updater_sample`. -2. Install the app to the device using `$ adb install <APK_PATH>`. -3. Change permissions on `/data/ota_package/` to `0777` on the device. -4. Set SELinux mode to permissive. See instructions below. -5. Add update config files. -6. Push OTA packages to the device. - - ## Sample App State vs UpdateEngine Status UpdateEngine provides status for different stages of update application @@ -165,7 +152,54 @@ except when update_engine fails to initialize. ### Callback: onPayloadApplicationComplete -Called whenever an update attempt is completed. +Called whenever an update attempt is completed or failed. + + +## Running on a device + +The commands are expected to be run from `$ANDROID_BUILD_TOP` and for demo +purpose only. + +### Without the privileged system permissions + +1. Compile the app `mmma -j bootable/recovery/updater_sample`. +2. Install the app to the device using `adb install <APK_PATH>`. +3. Change permissions on `/data/ota_package/` to `0777` on the device. +4. Set SELinux mode to permissive. See instructions below. +5. Add update config files; look above at [Update Config file](#Update-Config-file). +6. Push OTA packages to the device. +7. Run the sample app. + +### With the privileged system permissions + +To run sample app as a privileged system app, it needs to be installed in `/system/priv-app/`. +This directory is expected to be read-only, unless explicitly remounted. + +The recommended way to run the app is to build and install it as a +privileged system app, so it's granted the required permissions to access +`update_engine` service as well as OTA package files. Detailed steps are as follows: + +1. [Prepare to build](https://source.android.com/setup/build/building) +2. Add the module (SystemUpdaterSample) to the `PRODUCT_PACKAGES` list for the lunch target. + e.g. add a line containing `PRODUCT_PACKAGES += SystemUpdaterSample` + to `device/google/marlin/device-common.mk`. +3. [Whitelist the sample app](https://source.android.com/devices/tech/config/perms-whitelist) + * Add + ``` + <privapp-permissions package="com.example.android.systemupdatersample"> + <permission name="android.permission.ACCESS_CACHE_FILESYSTEM"/> + </privapp-permissions> + ``` + to `frameworks/base/data/etc/privapp-permissions-platform.xml` +5. Build sample app `mmma -j bootable/recovery/updater_sample`. +6. Build Android `make -j` +7. [Flash the device](https://source.android.com/setup/build/running) +8. Add update config files; look above at `## Update Config file`; + `adb root` might be required. +9. Push OTA packages to the device if there is no server to stream packages from; + changing of SELinux labels of OTA packages directory might be required + `chcon -R u:object_r:ota_package_file:s0 /data/my-sample-ota-builds-dir` +10. Run the sample app. ## Development @@ -192,16 +226,16 @@ Called whenever an update attempt is completed. ## Running tests -1. Build `$ mmma bootable/recovery/updater_sample/` +1. Build `mmma bootable/recovery/updater_sample/` 2. Install app - `$ adb install $OUT/system/app/SystemUpdaterSample/SystemUpdaterSample.apk` + `adb install $OUT/system/app/SystemUpdaterSample/SystemUpdaterSample.apk` 3. Install tests - `$ adb install $OUT/testcases/SystemUpdaterSampleTests/SystemUpdaterSampleTests.apk` + `adb install $OUT/testcases/SystemUpdaterSampleTests/SystemUpdaterSampleTests.apk` 4. Run tests - `$ adb shell am instrument -w com.example.android.systemupdatersample.tests/android.support.test.runner.AndroidJUnitRunner` + `adb shell am instrument -w com.example.android.systemupdatersample.tests/android.support.test.runner.AndroidJUnitRunner` 5. Run a test file ``` - $ adb shell am instrument \ + adb shell am instrument \ -w com.example.android.systemupdatersample.tests/android.support.test.runner.AndroidJUnitRunner \ -c com.example.android.systemupdatersample.util.PayloadSpecsTest ``` @@ -214,13 +248,7 @@ Called whenever an update attempt is completed. ## Getting read/write access to `/data/ota_package/` -Following must be included in `AndroidManifest.xml`: - -```xml - <uses-permission android:name="android.permission.ACCESS_CACHE_FILESYSTEM" /> -``` - -Note: access to cache filesystem is granted only to system apps. +Access to cache filesystem is granted only to system apps. ## Setting SELinux mode to permissive (0) diff --git a/updater_sample/proguard.flags b/updater_sample/proguard.flags new file mode 100644 index 000000000..97ab534fb --- /dev/null +++ b/updater_sample/proguard.flags @@ -0,0 +1,24 @@ +# Copyright (C) 2018 The Android Open Source Project +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Keep, used in tests. +-keep public class com.example.android.systemupdatersample.UpdateManager { + public int getUpdaterState(); +} + +# Keep, used in tests. +-keep public class com.example.android.systemupdatersample.UpdateConfig { + public <init>(java.lang.String, java.lang.String, int); +} + diff --git a/updater_sample/tests/Android.mk b/updater_sample/tests/Android.mk index 9aec372e3..415760454 100644 --- a/updater_sample/tests/Android.mk +++ b/updater_sample/tests/Android.mk @@ -22,10 +22,10 @@ LOCAL_SDK_VERSION := system_current LOCAL_MODULE_TAGS := tests LOCAL_JAVA_LIBRARIES := \ android.test.base.stubs \ - android.test.runner.stubs \ - guava + android.test.runner.stubs LOCAL_STATIC_JAVA_LIBRARIES := android-support-test \ - mockito-target-minus-junit4 + mockito-target-minus-junit4 \ + guava LOCAL_INSTRUMENTATION_FOR := SystemUpdaterSample LOCAL_PROGUARD_ENABLED := disabled diff --git a/updater_sample/tests/res/raw/update_config_002_stream.json b/updater_sample/tests/res/raw/update_config_002_stream.json index 5d7874cdb..40c8fe1c1 100644 --- a/updater_sample/tests/res/raw/update_config_002_stream.json +++ b/updater_sample/tests/res/raw/update_config_002_stream.json @@ -39,5 +39,5 @@ ] }, "name": "S ota_002_package", - "url": "file:///data/sample-ota-packages/ota_002_package.zip" + "url": "file:///data/my-sample-ota-builds-dir/ota_002_package.zip" }
\ No newline at end of file diff --git a/updater_sample/tests/res/raw/update_config_003_nonstream.json b/updater_sample/tests/res/raw/update_config_003_nonstream.json index 4175c35ea..7c78b9d21 100644 --- a/updater_sample/tests/res/raw/update_config_003_nonstream.json +++ b/updater_sample/tests/res/raw/update_config_003_nonstream.json @@ -5,5 +5,5 @@ }, "ab_install_type": "NON_STREAMING", "name": "S ota_002_package", - "url": "file:///data/sample-ota-packages/ota_003_package.zip" + "url": "file:///data/my-sample-ota-builds-dir/ota_003_package.zip" }
\ No newline at end of file |