| Commit message (Collapse) | Author | Files | Lines |
|
Add and register a function to check if the device has been remounted
since last update during incremental OTA. This function reads block 0
and executes before partition recovery for version >= 4.
Bug: 21124327
Change-Id: I8b915b9f1d4736b3609daa9d16bd123225be357f
(cherry picked from commit 30bf4765593e639966df9f460df22c3fe912e7bf)
|
|
Output messages in log when recovery is attempted or succeeded during
incremental OTA update.
Change-Id: I4033df7ae3aaecbc61921d5337eda26f79164fda
(cherry picked from commit b686ba211443490111729ba9d82eb0c0b305e185)
|
|
Change-Id: I36346fa199a3261da1ae1bc310b3557fe1716d96
|
|
Change-Id: I354a8c424d340a9abe21fd716a4ee0d3b177d86f
|
|
To accommodate new changes in N release, such as error correction [1]
and other potential changes to the updater.
[1]: commit 0a7b47397db3648afe6f3aeb2abb175934c2cbca
Change-Id: I4dd44417d07dd0a31729894628635a0aa1659008
|
|
Add block_image_recover function to rewrite corrupted blocks on the
partition. This can be attempted if block_image_verify fails.
Note that we cannot use libfec during block_image_update as it may
overwrite blocks required for error correction. A separate recovery
pass in case the image is corrupted is the only viable option.
Bug: 21893453
Change-Id: I6ff25648fff68d5f50b41a601c95c509d1cc5bce
|
|
We have the last line being empty as a result of
android::base::Split("a\nb\n"), which leads to "missing command"
warnings in the update. Just skip all the empty lines.
Bug: 24373789
Change-Id: I5827e4600bd5cf0418d95477e4592fec47bbd3a9
|
|
Change-Id: Ic769eafc8d9535b1d517d3dcbd398c3fd65cddd9
|
|
Change-Id: Ide489e18dd8daf161b612f65b28921b61cdd8d8d
|
|
And inline the call to LoadSrcTgtVersion1() into SaveStash().
Change-Id: Ibf4ef2bfa2cc62df59c4e8de99fd7d8039e71ecf
|
|
Replace C-string with std::string, pointers with references, and
variable-size arrays in struct with std::vector.
Change-Id: I57f361a0e58286cbcd113e9be225981da56721b2
|
|
Change-Id: I6a8d9bea4c1cd8ea7b534682061b90e893b227a2
|
|
There is an integer overflow when the size of system goes beyond the
signed int limits. Hence changing pos to size_t.
Change-Id: I6e5e1b2f0e72030b30a6df09a01642f4c82abc79
|
|
So we can remove a few free()s. And also replace a few pointers with
references.
Change-Id: I4b6332216704f4f9ea4a044b8d4bb7aa42a7ef26
|
|
We need to ensure the renamed filename reaches the underlying storage.
Bug: 22840552
Change-Id: Ide2e753a2038691d472b6ee173cbf68ac998a084
|
|
Currently the fsync() inside write_all() may be called multiple times
when performing a command. Move that to the outer loop and call it
only after completing the command.
Also remove the O_SYNC flag when writing a stash.
Change-Id: I71e51d76051a2f7f504eef1aa585d2cb7a000d80
|
|
Mostly trivial changes to make cpp compiler happy.
Change-Id: I69bd1d96fcccf506007f6144faf37e11cfba1270
|
|
This reverts commit b65f0272c860771f2105668accd175be1ed95ae9.
It slows down the update too much on some devices (e.g. increased
from 8 mins to 40 mins to take a full OTA update).
Bug: 22129621
Change-Id: I016e3b47313e3113f01bb4f8eb3c14856bdc35e5
(cherry picked from commit 7125f9594db027ce4313d940ce2cafac67ae8c31)
|
|
This reverts commit b65f0272c860771f2105668accd175be1ed95ae9.
It slows down the update too much on some devices (e.g. increased
from 8 mins to 40 mins to take a full OTA update).
Bug: 22129621
Change-Id: I4e8d4f6734967caf4f0d19c734027f7b6c107370
|
|
A RangeSet has half-closed half-open bounds. For example, "3,5" contains
blocks 3 and 4. So "3,5" and "5,7" are actually not overlapped.
Bug: 22098085
Change-Id: I362d259f8b5d62478858ad0422b635bc5068698d
(cherry picked from commit c0f56ad76680df555689d4a2397487ef8c16b1a6)
|
|
A RangeSet has half-closed half-open bounds. For example, "3,5" contains
blocks 3 and 4. So "3,5" and "5,7" are actually not overlapped.
Bug: 22098085
Change-Id: I75e54a6506f2a20255d782ee710e889fad2eaf29
|
|
Due to observed BLKDISCARD flakiness, overwrite blocks that we want
to discard with zeros first to avoid later issues with dm-verity if
BLKDISCARD is not successful.
Bug: 20614277
Bug: 20881595
Change-Id: I4f6f2db39db990879ff10468c9db41606497bd6f
(cherry picked from commit a3c75e3ea60d61df93461f5c356befe825c429d2)
|
|
Due to observed BLKDISCARD flakiness, overwrite blocks that we want
to discard with zeros first to avoid later issues with dm-verity if
BLKDISCARD is not successful.
Bug: 20614277
Bug: 20881595
Change-Id: I4f6f2db39db990879ff10468c9db41606497bd6f
|
|
This reverts commit 96392b97f6bf1670d478494fb6df89a3410e53fa.
Change-Id: I77acc27158bad3cd8948390a3955197646a43a31
|
|
This reverts commit 604c583c9dd3d47906b1a57c14a7e9650df7471e.
Change-Id: I2b0b283dc3f44bae55c5e9f7231d7c712630c2b5
|
|
Due to observed BLKDISCARD flakiness, overwrite blocks that we want
to discard with zeros first to avoid later issues with dm-verity if
BLKDISCARD is not successful.
Bug: 20614277
Bug: 20881595
Change-Id: I0280fe115b020dcab35f49041fb55b7f8e793da3
(cherry picked from commit 96392b97f6bf1670d478494fb6df89a3410e53fa)
|
|
Due to observed BLKDISCARD flakiness, overwrite blocks that we want
to discard with zeros first to avoid later issues with dm-verity if
BLKDISCARD is not successful.
Bug: 20614277
Bug: 20881595
Change-Id: I0280fe115b020dcab35f49041fb55b7f8e793da3
|
|
I missed one last time.
Bug: http://b/20501816
Change-Id: I9896ee2704237d61ee169f898680761e946e0a56
(cherry picked from commit b3ac676192a093c561b7f15064cbd67733407b12)
|
|
In the block updater, if BLKDISCARD fails, the error is silently
ignored and some of the blocks may not be erased. This means the
target partition will have inconsistent contents.
If the ioctl fails, return an error and abort the update.
Bug: 20614277
Change-Id: I33867ba9337c514de8ffae59f28584b285324067
(cherry picked from commit cc2428c8181d18c9a88db908fa4eabd2db5601ad)
|
|
I missed one last time.
Bug: http://b/20501816
Change-Id: I9896ee2704237d61ee169f898680761e946e0a56
|
|
In the block updater, if BLKDISCARD fails, the error is silently
ignored and some of the blocks may not be erased. This means the
target partition will have inconsistent contents.
If the ioctl fails, return an error and abort the update.
Bug: 20614277
Change-Id: I33867ba9337c514de8ffae59f28584b285324067
|
|
Bug: http://b/20501816
Change-Id: I35efcd8dcec7a6492ba70602d380d9980cdda31f
(cherry picked from commit b47afedb42866e85b76822736d915afd371ef5f0)
|
|
Bug: http://b/20501816
Change-Id: I35efcd8dcec7a6492ba70602d380d9980cdda31f
|
|
Only trusted input is passed to parse_range, but check for invalid
input to catch possible problems in transfer lists.
Bug: 21033983
Bug: 21034030
Bug: 21034172
Bug: 21034406
Change-Id: Ia17537a2d23d5f701522fbc42ed38924e1ee3366
|
|
Also add missing TEMP_FAILURE_RETRYs on read, write, and lseek.
Bug: http://b/20625546
Change-Id: I03b198e11c1921b35518ee2dd005a7cfcf4fd94b
(cherry picked from commit 7bad7c4646ee8fd8d6e6ed0ffd3ddbb0c1b41a2f)
|
|
Also add missing TEMP_FAILURE_RETRYs on read, write, and lseek.
Bug: http://b/20625546
Change-Id: I03b198e11c1921b35518ee2dd005a7cfcf4fd94b
|
|
When automatically stashing overlapping blocks, should the stash
file already exist due to an explicit stash command, it's not safe
to remove the stash file after the command has completed.
Note that it is safe to assume that the stash file will remain in
place during the execution of the next command, so we don't have
take other measures to preserve overlapping blocks.
The stash file itself will be removed by a free command when it's
no longer needed.
Bug: 20297065
Change-Id: I8ff1a798b94086adff183c5aac03260eb947ae2c
|
|
Change-Id: I7009959043150fabf5853a43ee2448c7fbea176e
|
|
Return NULL to abort the update process. Note that returning ""
won't stop the script.
Change-Id: Ifd108c1356f7c92a905c8776247a8842c6445319
|
|
warning: format '%lu' expects argument of type 'long unsigned int', but
argument 3 has type 'unsigned int' [-Wformat] sizeof(RangeSet) + num * sizeof(int));
Change-Id: I4a3c6fc8d40c08ea84f8f5ee13f39350e4264027
|
|
Change-Id: I480c02ffedd811f4dda9940ef979a05ff54f1435
Bug: 19410117
|
|
Add support for transfer list version 3, which allows us to
verify the status of each command and resume an interrupted
block based OTA update. Notes on the changes:
- Move the previous BlockImageUpdateFn to a shorter and
reusable PerformBlockImageUpdate, which can be used also
in BlockImageVerifyFn for verification.
- Split individual transfer list commands into separate
functions with unified parameters for clarity, and use
a hash table to locate them during execution.
- Move common block reading and writing to ReadBlocks and
WriteBlocks to reduce code duplication, and rename the
readblock and writeblock to less confusing read_all and
write_all.
The coding style of the new functions follows the existing
style in the updater/edify code.
Needs matching changes from
Ia5c56379f570047f10f0aa7373a1025439495c98
Bug: 18262110
Change-Id: I1e752464134aeb2d396946348e6041acabe13942
|
|
In version 2 of block image diffs, we support a new command to load
data from the image and store it in the "stash table" and then
subsequently use entries in the stash table to fill in missing bits of
source data we're not allowed to read when doing move/bsdiff/imgdiff
commands.
This leads to smaller update packages because we can break cycles in
the ordering of how pieces are updated by storing data away and using
it later, rather than not using the data as input to the patch system
at all. This comes at the cost of the RAM or scratch disk needed to
store the data.
The implementation is backwards compatible; it can still handle the
existing version 1 of the transfer file format.
Change-Id: I4559bfd76d5403859637aeac832f3a5e9e13b63a
|
|
In version 2 of block image diffs, we support a new command to load
data from the image and store it in the "stash table" and then
subsequently use entries in the stash table to fill in missing bits of
source data we're not allowed to read when doing move/bsdiff/imgdiff
commands.
This leads to smaller update packages because we can break cycles in
the ordering of how pieces are updated by storing data away and using
it later, rather than not using the data as input to the patch system
at all. This comes at the cost of the RAM or scratch disk needed to
store the data.
The implementation is backwards compatible; it can still handle the
existing version 1 of the transfer file format.
Change-Id: I7fafe741d86b92d82d46feb2939ecf5a3890dc64
|
|
The comment for the DEBUG_ERASE setting is exactly backwards.
Change-Id: I98ab5828365894217fc78976817a131e7d22d5c1
|
|
Otherwise, overflow problems can occur with images larger than
2G since the offsets will overflow a 32-bit off_t.
Change-Id: I05951a38ebeae83ad2cb938594e8d8adb323e2aa
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
|
|
The computation of file offsets was overflowing for partitions larger
than 2 GB. The parsing of the transfer file could fail at the end if
the data happened to not be properly null-terminated.
Bug: 16984795
Change-Id: I3ce6eb3e54ab7b55aa9bbed252da5a7eacd3317a
|
|
(Cherry-pick back from master.)
Bug: 16984795
Change-Id: Ifa3d8345c5e2a0be86fb28faa080ca82592a96b4
|
|
Bug: 16984795
Change-Id: I90f958446baed83dec658de2430c8fc5e9c3047e
|