Value* UpdateFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc != 1) { return ErrorAbort(state, "%s() expects 6 args, got %d", name, argc); } char* type = strrchr(name, '_'); if (type == NULL || *(type+1) == '\0') { return ErrorAbort(state, "%s() couldn't get type from function name", name); } ++type; Value* image; if (ReadValueArgs(state, argv, 1, &image) <0) { return NULL; } if (image->type != VAL_BLOB) { printf("image argument is not blob (is type %d)\n", image->type); goto done; } install_firmware_update(type, image->data, image->size, "/tmp/recovery.log"); printf("%s: install_firmware_update returned!\n", name); done: FreeValue(image); // install_firmware_update should reboot. If it returns, it failed. return StringValue(strdup("")); }
Value* WriteBootloaderFn(const char* name, State* state, int argc, Expr* argv[]) { int result = -1; Value* img; Value* xloader_loc; Value* sbl_loc; if (argc != 3) { return ErrorAbort(state, "%s() expects 3 args, got %d", name, argc); } if (ReadValueArgs(state, argv, 3, &img, &xloader_loc, &sbl_loc) < 0) { return NULL; } if(img->type != VAL_BLOB || xloader_loc->type != VAL_STRING || sbl_loc->type != VAL_STRING) { FreeValue(img); FreeValue(xloader_loc); FreeValue(sbl_loc); return ErrorAbort(state, "%s(): argument types are incorrect", name); } result = update_bootloader(img->data, img->size, xloader_loc->data, sbl_loc->data); FreeValue(img); FreeValue(xloader_loc); FreeValue(sbl_loc); return StringValue(strdup(result == 0 ? "t" : "")); }
Value* RangeSha1Fn(const char* name, State* state, int argc, Expr* argv[]) { Value* blockdev_filename; Value* ranges; const uint8_t* digest = NULL; if (ReadValueArgs(state, argv, 2, &blockdev_filename, &ranges) < 0) { return NULL; } if (blockdev_filename->type != VAL_STRING) { ErrorAbort(state, "blockdev_filename argument to %s must be string", name); goto done; } if (ranges->type != VAL_STRING) { ErrorAbort(state, "ranges argument to %s must be string", name); goto done; } int fd = open(blockdev_filename->data, O_RDWR); if (fd < 0) { ErrorAbort(state, "failed to open %s: %s", blockdev_filename->data, strerror(errno)); goto done; } RangeSet* rs = parse_range(ranges->data); uint8_t buffer[BLOCKSIZE]; SHA_CTX ctx; SHA_init(&ctx); int i, j; for (i = 0; i < rs->count; ++i) { check_lseek(fd, (off64_t)rs->pos[i*2] * BLOCKSIZE, SEEK_SET); for (j = rs->pos[i*2]; j < rs->pos[i*2+1]; ++j) { readblock(fd, buffer, BLOCKSIZE); SHA_update(&ctx, buffer, BLOCKSIZE); } } digest = SHA_final(&ctx); close(fd); done: FreeValue(blockdev_filename); FreeValue(ranges); if (digest == NULL) { return StringValue(strdup("")); } else { return StringValue(PrintSha1(digest)); } }
Value *FlashOSImage(const char *name, State * state, int argc, Expr * argv[]) { char* result = NULL; Value *funret = NULL; char *image_type; int ret; Value* partition_value; Value* contents; if (ReadValueArgs(state, argv, 2, &contents, &partition_value) < 0) { return NULL; } char* partition = NULL; if (partition_value->type != VAL_STRING) { ErrorAbort(state, "partition argument to %s must be string", name); goto exit; } partition = partition_value->data; if (strlen(partition) == 0) { ErrorAbort(state, "partition argument to %s can't be empty", name); goto exit; } if (contents->type == VAL_STRING && strlen((char*) contents->data) == 0) { ErrorAbort(state, "file argument to %s can't be empty", name); goto exit; } image_type = basename(partition); ret = flash_image(contents->data, contents->size, image_type); if (ret != 0) { ErrorAbort(state, "%s: Failed to flash image %s, %s.", name, image_type, strerror(errno)); goto free; } funret = StringValue(strdup("t")); free: free(image_type); exit: return funret; }
// write_raw_image(filename_or_blob, partition) Value* WriteRawImageFn(const char* name, State* state, int argc, Expr* argv[]) { char* result = NULL; Value* partition_value; Value* contents; if (ReadValueArgs(state, argv, 2, &contents, &partition_value) < 0) { return NULL; } char* partition = NULL; if (partition_value->type != VAL_STRING) { ErrorAbort(state, "partition argument to %s must be string", name); goto done; } partition = partition_value->data; if (strlen(partition) == 0) { ErrorAbort(state, "partition argument to %s can't be empty", name); goto done; } if (contents->type == VAL_STRING && strlen((char*) contents->data) == 0) { ErrorAbort(state, "file argument to %s can't be empty", name); goto done; } char* filename = contents->data; if (0 == restore_raw_partition(NULL, partition, filename)) result = strdup(partition); else { result = strdup(""); goto done; } done: if (result != partition) FreeValue(partition_value); FreeValue(contents); return StringValue(result); }
// write_raw_image(filename_or_blob, partition) Value* WriteRawImageFn(const char* name, State* state, int argc, Expr* argv[]) { char* result = NULL; Value* partition_value; Value* contents; if (ReadValueArgs(state, argv, 2, &contents, &partition_value) < 0) { return NULL; } char* partition = NULL; if (partition_value->type != VAL_STRING) { ErrorAbort(state, "partition argument to %s must be string", name); goto done; } partition = partition_value->data; if (strlen(partition) == 0) { ErrorAbort(state, "partition argument to %s can't be empty", name); goto done; } if (contents->type == VAL_STRING && strlen((char*) contents->data) == 0) { ErrorAbort(state, "file argument to %s can't be empty", name); goto done; } mtd_scan_partitions(); const MtdPartition* mtd = mtd_find_partition_by_name(partition); if (mtd == NULL) { fprintf(stderr, "%s: no mtd partition named \"%s\"\n", name, partition); result = strdup(""); goto done; } MtdWriteContext* ctx = mtd_write_partition(mtd); if (ctx == NULL) { fprintf(stderr, "%s: can't write mtd partition \"%s\"\n", name, partition); result = strdup(""); goto done; } bool success; if (contents->type == VAL_STRING) { // we're given a filename as the contents char* filename = contents->data; FILE* f = fopen(filename, "rb"); if (f == NULL) { fprintf(stderr, "%s: can't open %s: %s\n", name, filename, strerror(errno)); result = strdup(""); goto done; } success = true; char* buffer = malloc(BUFSIZ); int read; while (success && (read = fread(buffer, 1, BUFSIZ, f)) > 0) { int wrote = mtd_write_data(ctx, buffer, read); success = success && (wrote == read); } free(buffer); fclose(f); } else { // we're given a blob as the contents ssize_t wrote = mtd_write_data(ctx, contents->data, contents->size); success = (wrote == contents->size); } if (!success) { fprintf(stderr, "mtd_write_data to %s failed: %s\n", partition, strerror(errno)); } if (mtd_erase_blocks(ctx, -1) == -1) { fprintf(stderr, "%s: error erasing blocks of %s\n", name, partition); } if (mtd_write_close(ctx) != 0) { fprintf(stderr, "%s: error closing write of %s\n", name, partition); } printf("%s %s partition\n", success ? "wrote" : "failed to write", partition); result = success ? partition : strdup(""); done: if (result != partition) FreeValue(partition_value); FreeValue(contents); return StringValue(result); }
Value* BlockImageUpdateFn(const char* name, State* state, int argc, Expr* argv[]) { Value* blockdev_filename; Value* transfer_list_value; char* transfer_list = NULL; Value* new_data_fn; Value* patch_data_fn; bool success = false; if (ReadValueArgs(state, argv, 4, &blockdev_filename, &transfer_list_value, &new_data_fn, &patch_data_fn) < 0) { return NULL; } if (blockdev_filename->type != VAL_STRING) { ErrorAbort(state, "blockdev_filename argument to %s must be string", name); goto done; } if (transfer_list_value->type != VAL_BLOB) { ErrorAbort(state, "transfer_list argument to %s must be blob", name); goto done; } if (new_data_fn->type != VAL_STRING) { ErrorAbort(state, "new_data_fn argument to %s must be string", name); goto done; } if (patch_data_fn->type != VAL_STRING) { ErrorAbort(state, "patch_data_fn argument to %s must be string", name); goto done; } UpdaterInfo* ui = (UpdaterInfo*)(state->cookie); FILE* cmd_pipe = ui->cmd_pipe; ZipArchive* za = ((UpdaterInfo*)(state->cookie))->package_zip; const ZipEntry* patch_entry = mzFindZipEntry(za, patch_data_fn->data); if (patch_entry == NULL) { ErrorAbort(state, "%s(): no file \"%s\" in package", name, patch_data_fn->data); goto done; } uint8_t* patch_start = ((UpdaterInfo*)(state->cookie))->package_zip_addr + mzGetZipEntryOffset(patch_entry); const ZipEntry* new_entry = mzFindZipEntry(za, new_data_fn->data); if (new_entry == NULL) { ErrorAbort(state, "%s(): no file \"%s\" in package", name, new_data_fn->data); goto done; } // The transfer list is a text file containing commands to // transfer data from one place to another on the target // partition. We parse it and execute the commands in order: // // zero [rangeset] // - fill the indicated blocks with zeros // // new [rangeset] // - fill the blocks with data read from the new_data file // // bsdiff patchstart patchlen [src rangeset] [tgt rangeset] // imgdiff patchstart patchlen [src rangeset] [tgt rangeset] // - read the source blocks, apply a patch, write result to // target blocks. bsdiff or imgdiff specifies the type of // patch. // // move [src rangeset] [tgt rangeset] // - copy data from source blocks to target blocks (no patch // needed; rangesets are the same size) // // erase [rangeset] // - mark the given blocks as empty // // The creator of the transfer list will guarantee that no block // is read (ie, used as the source for a patch or move) after it // has been written. // // Within one command the source and target ranges may overlap so // in general we need to read the entire source into memory before // writing anything to the target blocks. // // All the patch data is concatenated into one patch_data file in // the update package. It must be stored uncompressed because we // memory-map it in directly from the archive. (Since patches are // already compressed, we lose very little by not compressing // their concatenation.) pthread_t new_data_thread; NewThreadInfo nti; nti.za = za; nti.entry = new_entry; nti.rss = NULL; pthread_mutex_init(&nti.mu, NULL); pthread_cond_init(&nti.cv, NULL); pthread_attr_t attr; pthread_attr_init(&attr); pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_JOINABLE); pthread_create(&new_data_thread, &attr, unzip_new_data, &nti); int i, j; char* linesave; char* wordsave; int fd = open(blockdev_filename->data, O_RDWR); if (fd < 0) { ErrorAbort(state, "failed to open %s: %s", blockdev_filename->data, strerror(errno)); goto done; } char* line; char* word; // The data in transfer_list_value is not necessarily // null-terminated, so we need to copy it to a new buffer and add // the null that strtok_r will need. transfer_list = malloc(transfer_list_value->size+1); if (transfer_list == NULL) { fprintf(stderr, "failed to allocate %zd bytes for transfer list\n", transfer_list_value->size+1); exit(1); } memcpy(transfer_list, transfer_list_value->data, transfer_list_value->size); transfer_list[transfer_list_value->size] = '\0'; line = strtok_r(transfer_list, "\n", &linesave); // first line in transfer list is the version number; currently // there's only version 1. if (strcmp(line, "1") != 0) { ErrorAbort(state, "unexpected transfer list version [%s]\n", line); goto done; } // second line in transfer list is the total number of blocks we // expect to write. line = strtok_r(NULL, "\n", &linesave); int total_blocks = strtol(line, NULL, 0); // shouldn't happen, but avoid divide by zero. if (total_blocks == 0) ++total_blocks; int blocks_so_far = 0; uint8_t* buffer = NULL; size_t buffer_alloc = 0; // third and subsequent lines are all individual transfer commands. for (line = strtok_r(NULL, "\n", &linesave); line; line = strtok_r(NULL, "\n", &linesave)) { char* style; style = strtok_r(line, " ", &wordsave); if (strcmp("move", style) == 0) { word = strtok_r(NULL, " ", &wordsave); RangeSet* src = parse_range(word); word = strtok_r(NULL, " ", &wordsave); RangeSet* tgt = parse_range(word); printf(" moving %d blocks\n", src->size); allocate(src->size * BLOCKSIZE, &buffer, &buffer_alloc); size_t p = 0; for (i = 0; i < src->count; ++i) { check_lseek(fd, (off64_t)src->pos[i*2] * BLOCKSIZE, SEEK_SET); size_t sz = (src->pos[i*2+1] - src->pos[i*2]) * BLOCKSIZE; readblock(fd, buffer+p, sz); p += sz; } p = 0; for (i = 0; i < tgt->count; ++i) { check_lseek(fd, (off64_t)tgt->pos[i*2] * BLOCKSIZE, SEEK_SET); size_t sz = (tgt->pos[i*2+1] - tgt->pos[i*2]) * BLOCKSIZE; writeblock(fd, buffer+p, sz); p += sz; } blocks_so_far += tgt->size; fprintf(cmd_pipe, "set_progress %.4f\n", (double)blocks_so_far / total_blocks); fflush(cmd_pipe); free(src); free(tgt); } else if (strcmp("zero", style) == 0 || (DEBUG_ERASE && strcmp("erase", style) == 0)) { word = strtok_r(NULL, " ", &wordsave); RangeSet* tgt = parse_range(word); printf(" zeroing %d blocks\n", tgt->size); allocate(BLOCKSIZE, &buffer, &buffer_alloc); memset(buffer, 0, BLOCKSIZE); for (i = 0; i < tgt->count; ++i) { check_lseek(fd, (off64_t)tgt->pos[i*2] * BLOCKSIZE, SEEK_SET); for (j = tgt->pos[i*2]; j < tgt->pos[i*2+1]; ++j) { writeblock(fd, buffer, BLOCKSIZE); } } if (style[0] == 'z') { // "zero" but not "erase" blocks_so_far += tgt->size; fprintf(cmd_pipe, "set_progress %.4f\n", (double)blocks_so_far / total_blocks); fflush(cmd_pipe); } free(tgt); } else if (strcmp("new", style) == 0) { word = strtok_r(NULL, " ", &wordsave); RangeSet* tgt = parse_range(word); printf(" writing %d blocks of new data\n", tgt->size); RangeSinkState rss; rss.fd = fd; rss.tgt = tgt; rss.p_block = 0; rss.p_remain = (tgt->pos[1] - tgt->pos[0]) * BLOCKSIZE; check_lseek(fd, (off64_t)tgt->pos[0] * BLOCKSIZE, SEEK_SET); pthread_mutex_lock(&nti.mu); nti.rss = &rss; pthread_cond_broadcast(&nti.cv); while (nti.rss) { pthread_cond_wait(&nti.cv, &nti.mu); } pthread_mutex_unlock(&nti.mu); blocks_so_far += tgt->size; fprintf(cmd_pipe, "set_progress %.4f\n", (double)blocks_so_far / total_blocks); fflush(cmd_pipe); free(tgt); } else if (strcmp("bsdiff", style) == 0 || strcmp("imgdiff", style) == 0) { word = strtok_r(NULL, " ", &wordsave); size_t patch_offset = strtoul(word, NULL, 0); word = strtok_r(NULL, " ", &wordsave); size_t patch_len = strtoul(word, NULL, 0); word = strtok_r(NULL, " ", &wordsave); RangeSet* src = parse_range(word); word = strtok_r(NULL, " ", &wordsave); RangeSet* tgt = parse_range(word); printf(" patching %d blocks to %d\n", src->size, tgt->size); // Read the source into memory. allocate(src->size * BLOCKSIZE, &buffer, &buffer_alloc); size_t p = 0; for (i = 0; i < src->count; ++i) { check_lseek(fd, (off64_t)src->pos[i*2] * BLOCKSIZE, SEEK_SET); size_t sz = (src->pos[i*2+1] - src->pos[i*2]) * BLOCKSIZE; readblock(fd, buffer+p, sz); p += sz; } Value patch_value; patch_value.type = VAL_BLOB; patch_value.size = patch_len; patch_value.data = (char*)(patch_start + patch_offset); RangeSinkState rss; rss.fd = fd; rss.tgt = tgt; rss.p_block = 0; rss.p_remain = (tgt->pos[1] - tgt->pos[0]) * BLOCKSIZE; check_lseek(fd, (off64_t)tgt->pos[0] * BLOCKSIZE, SEEK_SET); if (style[0] == 'i') { // imgdiff ApplyImagePatch(buffer, src->size * BLOCKSIZE, &patch_value, &RangeSinkWrite, &rss, NULL, NULL); } else { ApplyBSDiffPatch(buffer, src->size * BLOCKSIZE, &patch_value, 0, &RangeSinkWrite, &rss, NULL); } // We expect the output of the patcher to fill the tgt ranges exactly. if (rss.p_block != tgt->count || rss.p_remain != 0) { fprintf(stderr, "range sink underrun?\n"); } blocks_so_far += tgt->size; fprintf(cmd_pipe, "set_progress %.4f\n", (double)blocks_so_far / total_blocks); fflush(cmd_pipe); free(src); free(tgt); } else if (!DEBUG_ERASE && strcmp("erase", style) == 0) { struct stat st; if (fstat(fd, &st) == 0 && S_ISBLK(st.st_mode)) { word = strtok_r(NULL, " ", &wordsave); RangeSet* tgt = parse_range(word); printf(" erasing %d blocks\n", tgt->size); for (i = 0; i < tgt->count; ++i) { uint64_t range[2]; // offset in bytes range[0] = tgt->pos[i*2] * (uint64_t)BLOCKSIZE; // len in bytes range[1] = (tgt->pos[i*2+1] - tgt->pos[i*2]) * (uint64_t)BLOCKSIZE; if (ioctl(fd, BLKDISCARD, &range) < 0) { printf(" blkdiscard failed: %s\n", strerror(errno)); } } free(tgt); } else { printf(" ignoring erase (not block device)\n"); } } else { fprintf(stderr, "unknown transfer style \"%s\"\n", style); exit(1); } } pthread_join(new_data_thread, NULL); success = true; free(buffer); printf("wrote %d blocks; expected %d\n", blocks_so_far, total_blocks); printf("max alloc needed was %zu\n", buffer_alloc); done: free(transfer_list); FreeValue(blockdev_filename); FreeValue(transfer_list_value); FreeValue(new_data_fn); FreeValue(patch_data_fn); return StringValue(success ? strdup("t") : strdup("")); }
Value* UpdateFn(const char* name, State* state, int argc, Expr* argv[]) { if (argc != 7) { return ErrorAbort(state, "%s() expects 7 args, got %d", name, argc); } char* type = strrchr(name, '_'); if (type == NULL || *(type+1) == '\0') { return ErrorAbort(state, "%s() couldn't get type from function name", name); } ++type; Value* image; Value* width_string; Value* height_string; Value* bpp_string; Value* busy; Value* fail; Value* expected_sha1_string; if (ReadValueArgs(state, argv, 7, &image, &width_string, &height_string, &bpp_string, &busy, &fail, &expected_sha1_string) < 0) { return NULL; } // close the package ZipArchive* za = ((UpdaterInfo*)(state->cookie))->package_zip; mzCloseZipArchive(za); ((UpdaterInfo*)(state->cookie))->package_zip = NULL; // Try to unmount /cache. If we fail (because we're running in an // older recovery that still has the package file open), try to // remount it read-only. If that fails, abort. sync(); scan_mounted_volumes(); MountedVolume* vol = find_mounted_volume_by_mount_point("/cache"); int result = unmount_mounted_volume(vol); if (result != 0) { printf("%s(): failed to unmount cache (%d: %s)\n", name, result, strerror(errno)); result = remount_read_only(vol); if (result != 0) { printf("%s(): failed to remount cache (%d: %s)\n", name, result, strerror(errno)); return StringValue(strdup("")); } else { printf("%s(): remounted cache\n", name); } sync(); } else { printf("%s(): unmounted cache\n", name); } int width = 0, height = 0, bpp = 0; if (width_string->type != VAL_STRING || (width = strtol(width_string->data, NULL, 10)) == 0) { printf("%s(): bad width argument", name); } if (height_string->type != VAL_STRING || (height = strtol(height_string->data, NULL, 10)) == 0) { printf("%s(): bad height argument", name); } if (bpp_string->type != VAL_STRING || (bpp = strtol(bpp_string->data, NULL, 10)) == 0) { printf("%s(): bad bpp argument", name); } if (image->type != VAL_BLOB) { printf("image argument is not blob (is type %d)\n", image->type); goto done; } uint8_t expected_sha1[SHA_DIGEST_SIZE]; char* data = expected_sha1_string->data; if (expected_sha1_string->type != VAL_STRING || strlen(data) != SHA_DIGEST_SIZE*2) { printf("%s(): bad expected_sha1 argument", name); goto done; } printf("expected sha1 is: "); int i; for (i = 0; i < SHA_DIGEST_SIZE; ++i) { char temp = data[i*2+2]; data[i*2+2] = '\0'; expected_sha1[i] = strtol(data+i*2, NULL, 16); data[i*2+2] = temp; printf("%02x", expected_sha1[i]); } printf("\n"); install_firmware_update( type, image->data, image->size, width, height, bpp, busy->size > 0 ? busy->data : NULL, fail->size > 0 ? fail->data : NULL, "/tmp/recovery.log", expected_sha1); printf("%s: install_firmware_update returned!\n", name); done: FreeValue(image); FreeValue(width_string); FreeValue(height_string); FreeValue(bpp_string); FreeValue(busy); FreeValue(fail); // install_firmware_update should reboot. If it returns, it failed. return StringValue(strdup("")); }