Loading Android.bp +1 −0 Original line number Diff line number Diff line Loading @@ -175,6 +175,7 @@ cc_library_static { "fsck_unshare_blocks.cpp", "fuse_sdcard_provider.cpp", "install.cpp", "package.cpp", "recovery.cpp", "roots.cpp", ], Loading install.cpp +9 −15 Original line number Diff line number Diff line Loading @@ -51,6 +51,7 @@ #include "otautil/paths.h" #include "otautil/sysutil.h" #include "otautil/thermalutil.h" #include "package.h" #include "private/install.h" #include "roots.h" #include "ui.h" Loading Loading @@ -585,34 +586,29 @@ static int really_install_package(const std::string& path, bool* wipe_cache, boo } } MemMapping map; if (!map.MapFile(path)) { LOG(ERROR) << "failed to map file"; auto package = Package::CreateMemoryPackage( path, std::bind(&RecoveryUI::SetProgress, ui, std::placeholders::_1)); if (!package) { log_buffer->push_back(android::base::StringPrintf("error: %d", kMapFileFailure)); return INSTALL_CORRUPT; } // Verify package. if (!verify_package(map.addr, map.length)) { if (!verify_package(package.get())) { log_buffer->push_back(android::base::StringPrintf("error: %d", kZipVerificationFailure)); return INSTALL_CORRUPT; } // Try to open the package. ZipArchiveHandle zip; int err = OpenArchiveFromMemory(map.addr, map.length, path.c_str(), &zip); if (err != 0) { LOG(ERROR) << "Can't open " << path << " : " << ErrorCodeString(err); ZipArchiveHandle zip = package->GetZipArchiveHandle(); if (!zip) { log_buffer->push_back(android::base::StringPrintf("error: %d", kZipOpenFailure)); CloseArchive(zip); return INSTALL_CORRUPT; } // Additionally verify the compatibility of the package. if (!verify_package_compatibility(zip)) { log_buffer->push_back(android::base::StringPrintf("error: %d", kPackageCompatibilityFailure)); CloseArchive(zip); return INSTALL_CORRUPT; } Loading @@ -626,7 +622,6 @@ static int really_install_package(const std::string& path, bool* wipe_cache, boo ui->SetEnableReboot(true); ui->Print("\n"); CloseArchive(zip); return result; } Loading Loading @@ -705,7 +700,7 @@ int install_package(const std::string& path, bool* wipe_cache, bool needs_mount, return result; } bool verify_package(const unsigned char* package_data, size_t package_size) { bool verify_package(Package* package) { static constexpr const char* CERTIFICATE_ZIP_FILE = "/system/etc/security/otacerts.zip"; std::vector<Certificate> loaded_keys = LoadKeysFromZipfile(CERTIFICATE_ZIP_FILE); if (loaded_keys.empty()) { Loading @@ -717,8 +712,7 @@ bool verify_package(const unsigned char* package_data, size_t package_size) { // Verify package. ui->Print("Verifying update package...\n"); auto t0 = std::chrono::system_clock::now(); int err = verify_file(package_data, package_size, loaded_keys, std::bind(&RecoveryUI::SetProgress, ui, std::placeholders::_1)); int err = verify_file(package, loaded_keys); std::chrono::duration<double> duration = std::chrono::system_clock::now() - t0; ui->Print("Update package verification took %.1f s (result %d).\n", duration.count(), err); if (err != VERIFY_SUCCESS) { Loading install.h +5 −3 Original line number Diff line number Diff line Loading @@ -25,6 +25,8 @@ #include <ziparchive/zip_archive.h> #include "package.h" enum InstallResult { INSTALL_SUCCESS, INSTALL_ERROR, Loading @@ -46,9 +48,9 @@ enum class OtaType { int install_package(const std::string& package, bool* wipe_cache, bool needs_mount, int retry_count); // Verify the package by ota keys. Return true if the package is verified successfully, // otherwise return false. bool verify_package(const unsigned char* package_data, size_t package_size); // Verifies the package by ota keys. Returns true if the package is verified successfully, // otherwise returns false. bool verify_package(Package* package); // Reads meta data file of the package; parses each line in the format "key=value"; and writes the // result to |metadata|. Return true if succeed, otherwise return false. Loading package.cpp 0 → 100644 +154 −0 Original line number Diff line number Diff line /* * Copyright (C) 2019 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include "package.h" #include <string.h> #include <android-base/logging.h> #include <android-base/stringprintf.h> #include <openssl/sha.h> #include "otautil/error_code.h" #include "otautil/sysutil.h" // This class wraps the package in memory, i.e. a memory mapped package, or a package loaded // to a string/vector. class MemoryPackage : public Package { public: // Constructs the class from a file. We will memory maps the file later. MemoryPackage(const std::string& path, std::unique_ptr<MemMapping> map, const std::function<void(float)>& set_progress); // Constructs the class from the package bytes in |content|. MemoryPackage(std::vector<uint8_t> content, const std::function<void(float)>& set_progress); ~MemoryPackage() override; // Memory maps the package file if necessary. Initializes the start address and size of the // package. uint64_t GetPackageSize() const override { return package_size_; } bool ReadFullyAtOffset(uint8_t* buffer, uint64_t byte_count, uint64_t offset) override; ZipArchiveHandle GetZipArchiveHandle() override; bool UpdateHashAtOffset(const std::vector<HasherUpdateCallback>& hashers, uint64_t start, uint64_t length) override; private: const uint8_t* addr_; // Start address of the package in memory. uint64_t package_size_; // Package size in bytes. // The memory mapped package. std::unique_ptr<MemMapping> map_; // A copy of the package content, valid only if we create the class with the exact bytes of // the package. std::vector<uint8_t> package_content_; // The physical path to the package, empty if we create the class with the package content. std::string path_; // The ZipArchiveHandle of the package. ZipArchiveHandle zip_handle_; }; // TODO(xunchang) Implement the PackageFromFd. void Package::SetProgress(float progress) { if (set_progress_) { set_progress_(progress); } } std::unique_ptr<Package> Package::CreateMemoryPackage( const std::string& path, const std::function<void(float)>& set_progress) { std::unique_ptr<MemMapping> mmap = std::make_unique<MemMapping>(); if (!mmap->MapFile(path)) { LOG(ERROR) << "failed to map file"; return nullptr; } return std::make_unique<MemoryPackage>(path, std::move(mmap), set_progress); } std::unique_ptr<Package> Package::CreateMemoryPackage( std::vector<uint8_t> content, const std::function<void(float)>& set_progress) { return std::make_unique<MemoryPackage>(std::move(content), set_progress); } MemoryPackage::MemoryPackage(const std::string& path, std::unique_ptr<MemMapping> map, const std::function<void(float)>& set_progress) : map_(std::move(map)), path_(path), zip_handle_(nullptr) { addr_ = map_->addr; package_size_ = map_->length; set_progress_ = set_progress; } MemoryPackage::MemoryPackage(std::vector<uint8_t> content, const std::function<void(float)>& set_progress) : package_content_(std::move(content)), zip_handle_(nullptr) { CHECK(!package_content_.empty()); addr_ = package_content_.data(); package_size_ = package_content_.size(); set_progress_ = set_progress; } MemoryPackage::~MemoryPackage() { if (zip_handle_) { CloseArchive(zip_handle_); } } bool MemoryPackage::ReadFullyAtOffset(uint8_t* buffer, uint64_t byte_count, uint64_t offset) { if (byte_count > package_size_ || offset > package_size_ - byte_count) { LOG(ERROR) << "Out of bound read, offset: " << offset << ", size: " << byte_count << ", total package_size: " << package_size_; return false; } memcpy(buffer, addr_ + offset, byte_count); return true; } bool MemoryPackage::UpdateHashAtOffset(const std::vector<HasherUpdateCallback>& hashers, uint64_t start, uint64_t length) { if (length > package_size_ || start > package_size_ - length) { LOG(ERROR) << "Out of bound read, offset: " << start << ", size: " << length << ", total package_size: " << package_size_; return false; } for (const auto& hasher : hashers) { hasher(addr_ + start, length); } return true; } ZipArchiveHandle MemoryPackage::GetZipArchiveHandle() { if (zip_handle_) { return zip_handle_; } if (auto err = OpenArchiveFromMemory(const_cast<uint8_t*>(addr_), package_size_, path_.c_str(), &zip_handle_); err != 0) { LOG(ERROR) << "Can't open package" << path_ << " : " << ErrorCodeString(err); return nullptr; } return zip_handle_; } package.h 0 → 100644 +52 −0 Original line number Diff line number Diff line /* * Copyright (C) 2019 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #pragma once #include <stdint.h> #include <functional> #include <map> #include <memory> #include <string> #include <vector> #include <ziparchive/zip_archive.h> #include "verifier.h" // This class serves as a wrapper for an OTA update package. It aims to provide the common // interface for both packages loaded in memory and packages read from fd. class Package : public VerifierInterface { public: virtual ~Package() = default; // Opens the package as a zip file and returns the ZipArchiveHandle. virtual ZipArchiveHandle GetZipArchiveHandle() = 0; // Updates the progress in fraction during package verification. void SetProgress(float progress) override; static std::unique_ptr<Package> CreateMemoryPackage( const std::string& path, const std::function<void(float)>& set_progress); static std::unique_ptr<Package> CreateMemoryPackage( std::vector<uint8_t> content, const std::function<void(float)>& set_progress); protected: // An optional function to update the progress. std::function<void(float)> set_progress_; }; Loading
Android.bp +1 −0 Original line number Diff line number Diff line Loading @@ -175,6 +175,7 @@ cc_library_static { "fsck_unshare_blocks.cpp", "fuse_sdcard_provider.cpp", "install.cpp", "package.cpp", "recovery.cpp", "roots.cpp", ], Loading
install.cpp +9 −15 Original line number Diff line number Diff line Loading @@ -51,6 +51,7 @@ #include "otautil/paths.h" #include "otautil/sysutil.h" #include "otautil/thermalutil.h" #include "package.h" #include "private/install.h" #include "roots.h" #include "ui.h" Loading Loading @@ -585,34 +586,29 @@ static int really_install_package(const std::string& path, bool* wipe_cache, boo } } MemMapping map; if (!map.MapFile(path)) { LOG(ERROR) << "failed to map file"; auto package = Package::CreateMemoryPackage( path, std::bind(&RecoveryUI::SetProgress, ui, std::placeholders::_1)); if (!package) { log_buffer->push_back(android::base::StringPrintf("error: %d", kMapFileFailure)); return INSTALL_CORRUPT; } // Verify package. if (!verify_package(map.addr, map.length)) { if (!verify_package(package.get())) { log_buffer->push_back(android::base::StringPrintf("error: %d", kZipVerificationFailure)); return INSTALL_CORRUPT; } // Try to open the package. ZipArchiveHandle zip; int err = OpenArchiveFromMemory(map.addr, map.length, path.c_str(), &zip); if (err != 0) { LOG(ERROR) << "Can't open " << path << " : " << ErrorCodeString(err); ZipArchiveHandle zip = package->GetZipArchiveHandle(); if (!zip) { log_buffer->push_back(android::base::StringPrintf("error: %d", kZipOpenFailure)); CloseArchive(zip); return INSTALL_CORRUPT; } // Additionally verify the compatibility of the package. if (!verify_package_compatibility(zip)) { log_buffer->push_back(android::base::StringPrintf("error: %d", kPackageCompatibilityFailure)); CloseArchive(zip); return INSTALL_CORRUPT; } Loading @@ -626,7 +622,6 @@ static int really_install_package(const std::string& path, bool* wipe_cache, boo ui->SetEnableReboot(true); ui->Print("\n"); CloseArchive(zip); return result; } Loading Loading @@ -705,7 +700,7 @@ int install_package(const std::string& path, bool* wipe_cache, bool needs_mount, return result; } bool verify_package(const unsigned char* package_data, size_t package_size) { bool verify_package(Package* package) { static constexpr const char* CERTIFICATE_ZIP_FILE = "/system/etc/security/otacerts.zip"; std::vector<Certificate> loaded_keys = LoadKeysFromZipfile(CERTIFICATE_ZIP_FILE); if (loaded_keys.empty()) { Loading @@ -717,8 +712,7 @@ bool verify_package(const unsigned char* package_data, size_t package_size) { // Verify package. ui->Print("Verifying update package...\n"); auto t0 = std::chrono::system_clock::now(); int err = verify_file(package_data, package_size, loaded_keys, std::bind(&RecoveryUI::SetProgress, ui, std::placeholders::_1)); int err = verify_file(package, loaded_keys); std::chrono::duration<double> duration = std::chrono::system_clock::now() - t0; ui->Print("Update package verification took %.1f s (result %d).\n", duration.count(), err); if (err != VERIFY_SUCCESS) { Loading
install.h +5 −3 Original line number Diff line number Diff line Loading @@ -25,6 +25,8 @@ #include <ziparchive/zip_archive.h> #include "package.h" enum InstallResult { INSTALL_SUCCESS, INSTALL_ERROR, Loading @@ -46,9 +48,9 @@ enum class OtaType { int install_package(const std::string& package, bool* wipe_cache, bool needs_mount, int retry_count); // Verify the package by ota keys. Return true if the package is verified successfully, // otherwise return false. bool verify_package(const unsigned char* package_data, size_t package_size); // Verifies the package by ota keys. Returns true if the package is verified successfully, // otherwise returns false. bool verify_package(Package* package); // Reads meta data file of the package; parses each line in the format "key=value"; and writes the // result to |metadata|. Return true if succeed, otherwise return false. Loading
package.cpp 0 → 100644 +154 −0 Original line number Diff line number Diff line /* * Copyright (C) 2019 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include "package.h" #include <string.h> #include <android-base/logging.h> #include <android-base/stringprintf.h> #include <openssl/sha.h> #include "otautil/error_code.h" #include "otautil/sysutil.h" // This class wraps the package in memory, i.e. a memory mapped package, or a package loaded // to a string/vector. class MemoryPackage : public Package { public: // Constructs the class from a file. We will memory maps the file later. MemoryPackage(const std::string& path, std::unique_ptr<MemMapping> map, const std::function<void(float)>& set_progress); // Constructs the class from the package bytes in |content|. MemoryPackage(std::vector<uint8_t> content, const std::function<void(float)>& set_progress); ~MemoryPackage() override; // Memory maps the package file if necessary. Initializes the start address and size of the // package. uint64_t GetPackageSize() const override { return package_size_; } bool ReadFullyAtOffset(uint8_t* buffer, uint64_t byte_count, uint64_t offset) override; ZipArchiveHandle GetZipArchiveHandle() override; bool UpdateHashAtOffset(const std::vector<HasherUpdateCallback>& hashers, uint64_t start, uint64_t length) override; private: const uint8_t* addr_; // Start address of the package in memory. uint64_t package_size_; // Package size in bytes. // The memory mapped package. std::unique_ptr<MemMapping> map_; // A copy of the package content, valid only if we create the class with the exact bytes of // the package. std::vector<uint8_t> package_content_; // The physical path to the package, empty if we create the class with the package content. std::string path_; // The ZipArchiveHandle of the package. ZipArchiveHandle zip_handle_; }; // TODO(xunchang) Implement the PackageFromFd. void Package::SetProgress(float progress) { if (set_progress_) { set_progress_(progress); } } std::unique_ptr<Package> Package::CreateMemoryPackage( const std::string& path, const std::function<void(float)>& set_progress) { std::unique_ptr<MemMapping> mmap = std::make_unique<MemMapping>(); if (!mmap->MapFile(path)) { LOG(ERROR) << "failed to map file"; return nullptr; } return std::make_unique<MemoryPackage>(path, std::move(mmap), set_progress); } std::unique_ptr<Package> Package::CreateMemoryPackage( std::vector<uint8_t> content, const std::function<void(float)>& set_progress) { return std::make_unique<MemoryPackage>(std::move(content), set_progress); } MemoryPackage::MemoryPackage(const std::string& path, std::unique_ptr<MemMapping> map, const std::function<void(float)>& set_progress) : map_(std::move(map)), path_(path), zip_handle_(nullptr) { addr_ = map_->addr; package_size_ = map_->length; set_progress_ = set_progress; } MemoryPackage::MemoryPackage(std::vector<uint8_t> content, const std::function<void(float)>& set_progress) : package_content_(std::move(content)), zip_handle_(nullptr) { CHECK(!package_content_.empty()); addr_ = package_content_.data(); package_size_ = package_content_.size(); set_progress_ = set_progress; } MemoryPackage::~MemoryPackage() { if (zip_handle_) { CloseArchive(zip_handle_); } } bool MemoryPackage::ReadFullyAtOffset(uint8_t* buffer, uint64_t byte_count, uint64_t offset) { if (byte_count > package_size_ || offset > package_size_ - byte_count) { LOG(ERROR) << "Out of bound read, offset: " << offset << ", size: " << byte_count << ", total package_size: " << package_size_; return false; } memcpy(buffer, addr_ + offset, byte_count); return true; } bool MemoryPackage::UpdateHashAtOffset(const std::vector<HasherUpdateCallback>& hashers, uint64_t start, uint64_t length) { if (length > package_size_ || start > package_size_ - length) { LOG(ERROR) << "Out of bound read, offset: " << start << ", size: " << length << ", total package_size: " << package_size_; return false; } for (const auto& hasher : hashers) { hasher(addr_ + start, length); } return true; } ZipArchiveHandle MemoryPackage::GetZipArchiveHandle() { if (zip_handle_) { return zip_handle_; } if (auto err = OpenArchiveFromMemory(const_cast<uint8_t*>(addr_), package_size_, path_.c_str(), &zip_handle_); err != 0) { LOG(ERROR) << "Can't open package" << path_ << " : " << ErrorCodeString(err); return nullptr; } return zip_handle_; }
package.h 0 → 100644 +52 −0 Original line number Diff line number Diff line /* * Copyright (C) 2019 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #pragma once #include <stdint.h> #include <functional> #include <map> #include <memory> #include <string> #include <vector> #include <ziparchive/zip_archive.h> #include "verifier.h" // This class serves as a wrapper for an OTA update package. It aims to provide the common // interface for both packages loaded in memory and packages read from fd. class Package : public VerifierInterface { public: virtual ~Package() = default; // Opens the package as a zip file and returns the ZipArchiveHandle. virtual ZipArchiveHandle GetZipArchiveHandle() = 0; // Updates the progress in fraction during package verification. void SetProgress(float progress) override; static std::unique_ptr<Package> CreateMemoryPackage( const std::string& path, const std::function<void(float)>& set_progress); static std::unique_ptr<Package> CreateMemoryPackage( std::vector<uint8_t> content, const std::function<void(float)>& set_progress); protected: // An optional function to update the progress. std::function<void(float)> set_progress_; };
