diff options
Diffstat (limited to '')
-rw-r--r-- | install.cpp | 59 |
1 files changed, 25 insertions, 34 deletions
diff --git a/install.cpp b/install.cpp index d05893171..42d264157 100644 --- a/install.cpp +++ b/install.cpp @@ -45,13 +45,15 @@ #include <android-base/properties.h> #include <android-base/stringprintf.h> #include <android-base/strings.h> +#include <android-base/unique_fd.h> #include <vintf/VintfObjectRecovery.h> #include <ziparchive/zip_archive.h> #include "common.h" -#include "otautil/SysUtil.h" -#include "otautil/ThermalUtil.h" #include "otautil/error_code.h" +#include "otautil/paths.h" +#include "otautil/sysutil.h" +#include "otautil/thermalutil.h" #include "private/install.h" #include "roots.h" #include "ui.h" @@ -123,11 +125,9 @@ static void read_source_target_build(ZipArchiveHandle zip, std::vector<std::stri } } -#ifdef AB_OTA_UPDATER - -// Parses the metadata of the OTA package in |zip| and checks whether we are -// allowed to accept this A/B package. Downgrading is not allowed unless -// explicitly enabled in the package and only for incremental packages. +// Parses the metadata of the OTA package in |zip| and checks whether we are allowed to accept this +// A/B package. Downgrading is not allowed unless explicitly enabled in the package and only for +// incremental packages. static int check_newer_ab_build(ZipArchiveHandle zip) { std::string metadata_str; if (!read_metadata_from_package(zip, &metadata_str)) { @@ -213,8 +213,7 @@ static int check_newer_ab_build(ZipArchiveHandle zip) { return 0; } -int update_binary_command(const std::string& package, ZipArchiveHandle zip, - const std::string& binary_path, int /* retry_count */, int status_fd, +int SetUpAbUpdateCommands(const std::string& package, ZipArchiveHandle zip, int status_fd, std::vector<std::string>* cmd) { CHECK(cmd != nullptr); int ret = check_newer_ab_build(zip); @@ -249,7 +248,7 @@ int update_binary_command(const std::string& package, ZipArchiveHandle zip, } long payload_offset = payload_entry.offset; *cmd = { - binary_path, + "/system/bin/update_engine_sideload", "--payload=file://" + package, android::base::StringPrintf("--offset=%ld", payload_offset), "--headers=" + std::string(payload_properties.begin(), payload_properties.end()), @@ -258,14 +257,11 @@ int update_binary_command(const std::string& package, ZipArchiveHandle zip, return 0; } -#else // !AB_OTA_UPDATER - -int update_binary_command(const std::string& package, ZipArchiveHandle zip, - const std::string& binary_path, int retry_count, int status_fd, - std::vector<std::string>* cmd) { +int SetUpNonAbUpdateCommands(const std::string& package, ZipArchiveHandle zip, int retry_count, + int status_fd, std::vector<std::string>* cmd) { CHECK(cmd != nullptr); - // On traditional updates we extract the update binary from the package. + // In non-A/B updates we extract the update binary from the package. static constexpr const char* UPDATE_BINARY_NAME = "META-INF/com/google/android/update-binary"; ZipString binary_name(UPDATE_BINARY_NAME); ZipEntry binary_entry; @@ -274,15 +270,16 @@ int update_binary_command(const std::string& package, ZipArchiveHandle zip, return INSTALL_CORRUPT; } + const std::string binary_path = Paths::Get().temporary_update_binary(); unlink(binary_path.c_str()); - int fd = open(binary_path.c_str(), O_CREAT | O_WRONLY | O_TRUNC | O_CLOEXEC, 0755); + android::base::unique_fd fd( + open(binary_path.c_str(), O_CREAT | O_WRONLY | O_TRUNC | O_CLOEXEC, 0755)); if (fd == -1) { PLOG(ERROR) << "Failed to create " << binary_path; return INSTALL_ERROR; } int32_t error = ExtractEntryToFile(zip, &binary_entry, fd); - close(fd); if (error != 0) { LOG(ERROR) << "Failed to extract " << UPDATE_BINARY_NAME << ": " << ErrorCodeString(error); return INSTALL_ERROR; @@ -299,7 +296,6 @@ int update_binary_command(const std::string& package, ZipArchiveHandle zip, } return 0; } -#endif // !AB_OTA_UPDATER static void log_max_temperature(int* max_temperature, const std::atomic<bool>& logger_finished) { CHECK(max_temperature != nullptr); @@ -320,14 +316,10 @@ static int try_update_binary(const std::string& package, ZipArchiveHandle zip, b int pipefd[2]; pipe(pipefd); + bool is_ab = android::base::GetBoolProperty("ro.build.ab_update", false); std::vector<std::string> args; -#ifdef AB_OTA_UPDATER - int ret = update_binary_command(package, zip, "/sbin/update_engine_sideload", retry_count, - pipefd[1], &args); -#else - int ret = update_binary_command(package, zip, "/tmp/update-binary", retry_count, pipefd[1], - &args); -#endif + int ret = is_ab ? SetUpAbUpdateCommands(package, zip, pipefd[1], &args) + : SetUpNonAbUpdateCommands(package, zip, retry_count, pipefd[1], &args); if (ret) { close(pipefd[0]); close(pipefd[1]); @@ -627,10 +619,8 @@ static int really_install_package(const std::string& path, bool* wipe_cache, boo return result; } -int install_package(const std::string& path, bool* wipe_cache, const std::string& install_file, - bool needs_mount, int retry_count) { +int install_package(const std::string& path, bool* wipe_cache, bool needs_mount, int retry_count) { CHECK(!path.empty()); - CHECK(!install_file.empty()); CHECK(wipe_cache != nullptr); modified_flash = true; @@ -693,6 +683,7 @@ int install_package(const std::string& path, bool* wipe_cache, const std::string std::string log_content = android::base::Join(log_header, "\n") + "\n" + android::base::Join(log_buffer, "\n") + "\n"; + const std::string& install_file = Paths::Get().temporary_install_file(); if (!android::base::WriteStringToFile(log_content, install_file)) { PLOG(ERROR) << "failed to write " << install_file; } @@ -704,18 +695,18 @@ int install_package(const std::string& path, bool* wipe_cache, const std::string } bool verify_package(const unsigned char* package_data, size_t package_size) { - static constexpr const char* PUBLIC_KEYS_FILE = "/res/keys"; - std::vector<Certificate> loadedKeys; - if (!load_keys(PUBLIC_KEYS_FILE, loadedKeys)) { + static constexpr const char* CERTIFICATE_ZIP_FILE = "/system/etc/security/otacerts.zip"; + std::vector<Certificate> loaded_keys = LoadKeysFromZipfile(CERTIFICATE_ZIP_FILE); + if (loaded_keys.empty()) { LOG(ERROR) << "Failed to load keys"; return false; } - LOG(INFO) << loadedKeys.size() << " key(s) loaded from " << PUBLIC_KEYS_FILE; + LOG(INFO) << loaded_keys.size() << " key(s) loaded from " << CERTIFICATE_ZIP_FILE; // Verify package. ui->Print("Verifying update package...\n"); auto t0 = std::chrono::system_clock::now(); - int err = verify_file(package_data, package_size, loadedKeys, + int err = verify_file(package_data, package_size, loaded_keys, std::bind(&RecoveryUI::SetProgress, ui, std::placeholders::_1)); std::chrono::duration<double> duration = std::chrono::system_clock::now() - t0; ui->Print("Update package verification took %.1f s (result %d).\n", duration.count(), err); |