Value* UpdateFn(const char* name, State* state, int argc, Expr* argv[]) {
if (argc != 1) {
return ErrorAbort(state, "%s() expects 6 args, got %d", name, argc);
}
char* type = strrchr(name, '_');
if (type == NULL || *(type+1) == '\0') {
return ErrorAbort(state, "%s() couldn't get type from function name",
name);
}
++type;
Value* image;
if (ReadValueArgs(state, argv, 1, &image) <0) {
return NULL;
}
if (image->type != VAL_BLOB) {
printf("image argument is not blob (is type %d)\n", image->type);
goto done;
}
install_firmware_update(type, image->data, image->size, "/tmp/recovery.log");
printf("%s: install_firmware_update returned!\n", name);
done:
FreeValue(image);
// install_firmware_update should reboot. If it returns, it failed.
return StringValue(strdup(""));
}
Value* WriteBootloaderFn(const char* name, State* state, int argc, Expr* argv[])
{
int result = -1;
Value* img;
Value* xloader_loc;
Value* sbl_loc;
if (argc != 3) {
return ErrorAbort(state, "%s() expects 3 args, got %d", name, argc);
}
if (ReadValueArgs(state, argv, 3, &img, &xloader_loc, &sbl_loc) < 0) {
return NULL;
}
if(img->type != VAL_BLOB ||
xloader_loc->type != VAL_STRING ||
sbl_loc->type != VAL_STRING) {
FreeValue(img);
FreeValue(xloader_loc);
FreeValue(sbl_loc);
return ErrorAbort(state, "%s(): argument types are incorrect", name);
}
result = update_bootloader(img->data, img->size,
xloader_loc->data, sbl_loc->data);
FreeValue(img);
FreeValue(xloader_loc);
FreeValue(sbl_loc);
return StringValue(strdup(result == 0 ? "t" : ""));
}
Value* RangeSha1Fn(const char* name, State* state, int argc, Expr* argv[]) {
Value* blockdev_filename;
Value* ranges;
const uint8_t* digest = NULL;
if (ReadValueArgs(state, argv, 2, &blockdev_filename, &ranges) < 0) {
return NULL;
}
if (blockdev_filename->type != VAL_STRING) {
ErrorAbort(state, "blockdev_filename argument to %s must be string", name);
goto done;
}
if (ranges->type != VAL_STRING) {
ErrorAbort(state, "ranges argument to %s must be string", name);
goto done;
}
int fd = open(blockdev_filename->data, O_RDWR);
if (fd < 0) {
ErrorAbort(state, "failed to open %s: %s", blockdev_filename->data, strerror(errno));
goto done;
}
RangeSet* rs = parse_range(ranges->data);
uint8_t buffer[BLOCKSIZE];
SHA_CTX ctx;
SHA_init(&ctx);
int i, j;
for (i = 0; i < rs->count; ++i) {
check_lseek(fd, (off64_t)rs->pos[i*2] * BLOCKSIZE, SEEK_SET);
for (j = rs->pos[i*2]; j < rs->pos[i*2+1]; ++j) {
readblock(fd, buffer, BLOCKSIZE);
SHA_update(&ctx, buffer, BLOCKSIZE);
}
}
digest = SHA_final(&ctx);
close(fd);
done:
FreeValue(blockdev_filename);
FreeValue(ranges);
if (digest == NULL) {
return StringValue(strdup(""));
} else {
return StringValue(PrintSha1(digest));
}
}
Value *FlashOSImage(const char *name, State * state, int argc, Expr * argv[])
{
char* result = NULL;
Value *funret = NULL;
char *image_type;
int ret;
Value* partition_value;
Value* contents;
if (ReadValueArgs(state, argv, 2, &contents, &partition_value) < 0) {
return NULL;
}
char* partition = NULL;
if (partition_value->type != VAL_STRING) {
ErrorAbort(state, "partition argument to %s must be string", name);
goto exit;
}
partition = partition_value->data;
if (strlen(partition) == 0) {
ErrorAbort(state, "partition argument to %s can't be empty", name);
goto exit;
}
if (contents->type == VAL_STRING && strlen((char*) contents->data) == 0) {
ErrorAbort(state, "file argument to %s can't be empty", name);
goto exit;
}
image_type = basename(partition);
ret = flash_image(contents->data, contents->size, image_type);
if (ret != 0) {
ErrorAbort(state, "%s: Failed to flash image %s, %s.",
name, image_type, strerror(errno));
goto free;
}
funret = StringValue(strdup("t"));
free:
free(image_type);
exit:
return funret;
}
// write_raw_image(filename_or_blob, partition)
Value* WriteRawImageFn(const char* name, State* state, int argc, Expr* argv[]) {
char* result = NULL;
Value* partition_value;
Value* contents;
if (ReadValueArgs(state, argv, 2, &contents, &partition_value) < 0) {
return NULL;
}
char* partition = NULL;
if (partition_value->type != VAL_STRING) {
ErrorAbort(state, "partition argument to %s must be string", name);
goto done;
}
partition = partition_value->data;
if (strlen(partition) == 0) {
ErrorAbort(state, "partition argument to %s can't be empty", name);
goto done;
}
if (contents->type == VAL_STRING && strlen((char*) contents->data) == 0) {
ErrorAbort(state, "file argument to %s can't be empty", name);
goto done;
}
char* filename = contents->data;
if (0 == restore_raw_partition(NULL, partition, filename))
result = strdup(partition);
else {
result = strdup("");
goto done;
}
done:
if (result != partition) FreeValue(partition_value);
FreeValue(contents);
return StringValue(result);
}
// write_raw_image(filename_or_blob, partition)
Value* WriteRawImageFn(const char* name, State* state, int argc, Expr* argv[]) {
char* result = NULL;
Value* partition_value;
Value* contents;
if (ReadValueArgs(state, argv, 2, &contents, &partition_value) < 0) {
return NULL;
}
char* partition = NULL;
if (partition_value->type != VAL_STRING) {
ErrorAbort(state, "partition argument to %s must be string", name);
goto done;
}
partition = partition_value->data;
if (strlen(partition) == 0) {
ErrorAbort(state, "partition argument to %s can't be empty", name);
goto done;
}
if (contents->type == VAL_STRING && strlen((char*) contents->data) == 0) {
ErrorAbort(state, "file argument to %s can't be empty", name);
goto done;
}
mtd_scan_partitions();
const MtdPartition* mtd = mtd_find_partition_by_name(partition);
if (mtd == NULL) {
fprintf(stderr, "%s: no mtd partition named \"%s\"\n", name, partition);
result = strdup("");
goto done;
}
MtdWriteContext* ctx = mtd_write_partition(mtd);
if (ctx == NULL) {
fprintf(stderr, "%s: can't write mtd partition \"%s\"\n",
name, partition);
result = strdup("");
goto done;
}
bool success;
if (contents->type == VAL_STRING) {
// we're given a filename as the contents
char* filename = contents->data;
FILE* f = fopen(filename, "rb");
if (f == NULL) {
fprintf(stderr, "%s: can't open %s: %s\n",
name, filename, strerror(errno));
result = strdup("");
goto done;
}
success = true;
char* buffer = malloc(BUFSIZ);
int read;
while (success && (read = fread(buffer, 1, BUFSIZ, f)) > 0) {
int wrote = mtd_write_data(ctx, buffer, read);
success = success && (wrote == read);
}
free(buffer);
fclose(f);
} else {
// we're given a blob as the contents
ssize_t wrote = mtd_write_data(ctx, contents->data, contents->size);
success = (wrote == contents->size);
}
if (!success) {
fprintf(stderr, "mtd_write_data to %s failed: %s\n",
partition, strerror(errno));
}
if (mtd_erase_blocks(ctx, -1) == -1) {
fprintf(stderr, "%s: error erasing blocks of %s\n", name, partition);
}
if (mtd_write_close(ctx) != 0) {
fprintf(stderr, "%s: error closing write of %s\n", name, partition);
}
printf("%s %s partition\n",
success ? "wrote" : "failed to write", partition);
result = success ? partition : strdup("");
done:
if (result != partition) FreeValue(partition_value);
FreeValue(contents);
return StringValue(result);
}
Value* BlockImageUpdateFn(const char* name, State* state, int argc, Expr* argv[]) {
Value* blockdev_filename;
Value* transfer_list_value;
char* transfer_list = NULL;
Value* new_data_fn;
Value* patch_data_fn;
bool success = false;
if (ReadValueArgs(state, argv, 4, &blockdev_filename, &transfer_list_value,
&new_data_fn, &patch_data_fn) < 0) {
return NULL;
}
if (blockdev_filename->type != VAL_STRING) {
ErrorAbort(state, "blockdev_filename argument to %s must be string", name);
goto done;
}
if (transfer_list_value->type != VAL_BLOB) {
ErrorAbort(state, "transfer_list argument to %s must be blob", name);
goto done;
}
if (new_data_fn->type != VAL_STRING) {
ErrorAbort(state, "new_data_fn argument to %s must be string", name);
goto done;
}
if (patch_data_fn->type != VAL_STRING) {
ErrorAbort(state, "patch_data_fn argument to %s must be string", name);
goto done;
}
UpdaterInfo* ui = (UpdaterInfo*)(state->cookie);
FILE* cmd_pipe = ui->cmd_pipe;
ZipArchive* za = ((UpdaterInfo*)(state->cookie))->package_zip;
const ZipEntry* patch_entry = mzFindZipEntry(za, patch_data_fn->data);
if (patch_entry == NULL) {
ErrorAbort(state, "%s(): no file \"%s\" in package", name, patch_data_fn->data);
goto done;
}
uint8_t* patch_start = ((UpdaterInfo*)(state->cookie))->package_zip_addr +
mzGetZipEntryOffset(patch_entry);
const ZipEntry* new_entry = mzFindZipEntry(za, new_data_fn->data);
if (new_entry == NULL) {
ErrorAbort(state, "%s(): no file \"%s\" in package", name, new_data_fn->data);
goto done;
}
// The transfer list is a text file containing commands to
// transfer data from one place to another on the target
// partition. We parse it and execute the commands in order:
//
// zero [rangeset]
// - fill the indicated blocks with zeros
//
// new [rangeset]
// - fill the blocks with data read from the new_data file
//
// bsdiff patchstart patchlen [src rangeset] [tgt rangeset]
// imgdiff patchstart patchlen [src rangeset] [tgt rangeset]
// - read the source blocks, apply a patch, write result to
// target blocks. bsdiff or imgdiff specifies the type of
// patch.
//
// move [src rangeset] [tgt rangeset]
// - copy data from source blocks to target blocks (no patch
// needed; rangesets are the same size)
//
// erase [rangeset]
// - mark the given blocks as empty
//
// The creator of the transfer list will guarantee that no block
// is read (ie, used as the source for a patch or move) after it
// has been written.
//
// Within one command the source and target ranges may overlap so
// in general we need to read the entire source into memory before
// writing anything to the target blocks.
//
// All the patch data is concatenated into one patch_data file in
// the update package. It must be stored uncompressed because we
// memory-map it in directly from the archive. (Since patches are
// already compressed, we lose very little by not compressing
// their concatenation.)
pthread_t new_data_thread;
NewThreadInfo nti;
nti.za = za;
nti.entry = new_entry;
nti.rss = NULL;
pthread_mutex_init(&nti.mu, NULL);
pthread_cond_init(&nti.cv, NULL);
pthread_attr_t attr;
pthread_attr_init(&attr);
pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_JOINABLE);
pthread_create(&new_data_thread, &attr, unzip_new_data, &nti);
int i, j;
char* linesave;
char* wordsave;
int fd = open(blockdev_filename->data, O_RDWR);
if (fd < 0) {
ErrorAbort(state, "failed to open %s: %s", blockdev_filename->data, strerror(errno));
goto done;
}
char* line;
char* word;
// The data in transfer_list_value is not necessarily
// null-terminated, so we need to copy it to a new buffer and add
// the null that strtok_r will need.
transfer_list = malloc(transfer_list_value->size+1);
if (transfer_list == NULL) {
fprintf(stderr, "failed to allocate %zd bytes for transfer list\n",
transfer_list_value->size+1);
exit(1);
}
memcpy(transfer_list, transfer_list_value->data, transfer_list_value->size);
transfer_list[transfer_list_value->size] = '\0';
line = strtok_r(transfer_list, "\n", &linesave);
// first line in transfer list is the version number; currently
// there's only version 1.
if (strcmp(line, "1") != 0) {
ErrorAbort(state, "unexpected transfer list version [%s]\n", line);
goto done;
}
// second line in transfer list is the total number of blocks we
// expect to write.
line = strtok_r(NULL, "\n", &linesave);
int total_blocks = strtol(line, NULL, 0);
// shouldn't happen, but avoid divide by zero.
if (total_blocks == 0) ++total_blocks;
int blocks_so_far = 0;
uint8_t* buffer = NULL;
size_t buffer_alloc = 0;
// third and subsequent lines are all individual transfer commands.
for (line = strtok_r(NULL, "\n", &linesave); line;
line = strtok_r(NULL, "\n", &linesave)) {
char* style;
style = strtok_r(line, " ", &wordsave);
if (strcmp("move", style) == 0) {
word = strtok_r(NULL, " ", &wordsave);
RangeSet* src = parse_range(word);
word = strtok_r(NULL, " ", &wordsave);
RangeSet* tgt = parse_range(word);
printf(" moving %d blocks\n", src->size);
allocate(src->size * BLOCKSIZE, &buffer, &buffer_alloc);
size_t p = 0;
for (i = 0; i < src->count; ++i) {
check_lseek(fd, (off64_t)src->pos[i*2] * BLOCKSIZE, SEEK_SET);
size_t sz = (src->pos[i*2+1] - src->pos[i*2]) * BLOCKSIZE;
readblock(fd, buffer+p, sz);
p += sz;
}
p = 0;
for (i = 0; i < tgt->count; ++i) {
check_lseek(fd, (off64_t)tgt->pos[i*2] * BLOCKSIZE, SEEK_SET);
size_t sz = (tgt->pos[i*2+1] - tgt->pos[i*2]) * BLOCKSIZE;
writeblock(fd, buffer+p, sz);
p += sz;
}
blocks_so_far += tgt->size;
fprintf(cmd_pipe, "set_progress %.4f\n", (double)blocks_so_far / total_blocks);
fflush(cmd_pipe);
free(src);
free(tgt);
} else if (strcmp("zero", style) == 0 ||
(DEBUG_ERASE && strcmp("erase", style) == 0)) {
word = strtok_r(NULL, " ", &wordsave);
RangeSet* tgt = parse_range(word);
printf(" zeroing %d blocks\n", tgt->size);
allocate(BLOCKSIZE, &buffer, &buffer_alloc);
memset(buffer, 0, BLOCKSIZE);
for (i = 0; i < tgt->count; ++i) {
check_lseek(fd, (off64_t)tgt->pos[i*2] * BLOCKSIZE, SEEK_SET);
for (j = tgt->pos[i*2]; j < tgt->pos[i*2+1]; ++j) {
writeblock(fd, buffer, BLOCKSIZE);
}
}
if (style[0] == 'z') { // "zero" but not "erase"
blocks_so_far += tgt->size;
fprintf(cmd_pipe, "set_progress %.4f\n", (double)blocks_so_far / total_blocks);
fflush(cmd_pipe);
}
free(tgt);
} else if (strcmp("new", style) == 0) {
word = strtok_r(NULL, " ", &wordsave);
RangeSet* tgt = parse_range(word);
printf(" writing %d blocks of new data\n", tgt->size);
RangeSinkState rss;
rss.fd = fd;
rss.tgt = tgt;
rss.p_block = 0;
rss.p_remain = (tgt->pos[1] - tgt->pos[0]) * BLOCKSIZE;
check_lseek(fd, (off64_t)tgt->pos[0] * BLOCKSIZE, SEEK_SET);
pthread_mutex_lock(&nti.mu);
nti.rss = &rss;
pthread_cond_broadcast(&nti.cv);
while (nti.rss) {
pthread_cond_wait(&nti.cv, &nti.mu);
}
pthread_mutex_unlock(&nti.mu);
blocks_so_far += tgt->size;
fprintf(cmd_pipe, "set_progress %.4f\n", (double)blocks_so_far / total_blocks);
fflush(cmd_pipe);
free(tgt);
} else if (strcmp("bsdiff", style) == 0 ||
strcmp("imgdiff", style) == 0) {
word = strtok_r(NULL, " ", &wordsave);
size_t patch_offset = strtoul(word, NULL, 0);
word = strtok_r(NULL, " ", &wordsave);
size_t patch_len = strtoul(word, NULL, 0);
word = strtok_r(NULL, " ", &wordsave);
RangeSet* src = parse_range(word);
word = strtok_r(NULL, " ", &wordsave);
RangeSet* tgt = parse_range(word);
printf(" patching %d blocks to %d\n", src->size, tgt->size);
// Read the source into memory.
allocate(src->size * BLOCKSIZE, &buffer, &buffer_alloc);
size_t p = 0;
for (i = 0; i < src->count; ++i) {
check_lseek(fd, (off64_t)src->pos[i*2] * BLOCKSIZE, SEEK_SET);
size_t sz = (src->pos[i*2+1] - src->pos[i*2]) * BLOCKSIZE;
readblock(fd, buffer+p, sz);
p += sz;
}
Value patch_value;
patch_value.type = VAL_BLOB;
patch_value.size = patch_len;
patch_value.data = (char*)(patch_start + patch_offset);
RangeSinkState rss;
rss.fd = fd;
rss.tgt = tgt;
rss.p_block = 0;
rss.p_remain = (tgt->pos[1] - tgt->pos[0]) * BLOCKSIZE;
check_lseek(fd, (off64_t)tgt->pos[0] * BLOCKSIZE, SEEK_SET);
if (style[0] == 'i') { // imgdiff
ApplyImagePatch(buffer, src->size * BLOCKSIZE,
&patch_value,
&RangeSinkWrite, &rss, NULL, NULL);
} else {
ApplyBSDiffPatch(buffer, src->size * BLOCKSIZE,
&patch_value, 0,
&RangeSinkWrite, &rss, NULL);
}
// We expect the output of the patcher to fill the tgt ranges exactly.
if (rss.p_block != tgt->count || rss.p_remain != 0) {
fprintf(stderr, "range sink underrun?\n");
}
blocks_so_far += tgt->size;
fprintf(cmd_pipe, "set_progress %.4f\n", (double)blocks_so_far / total_blocks);
fflush(cmd_pipe);
free(src);
free(tgt);
} else if (!DEBUG_ERASE && strcmp("erase", style) == 0) {
struct stat st;
if (fstat(fd, &st) == 0 && S_ISBLK(st.st_mode)) {
word = strtok_r(NULL, " ", &wordsave);
RangeSet* tgt = parse_range(word);
printf(" erasing %d blocks\n", tgt->size);
for (i = 0; i < tgt->count; ++i) {
uint64_t range[2];
// offset in bytes
range[0] = tgt->pos[i*2] * (uint64_t)BLOCKSIZE;
// len in bytes
range[1] = (tgt->pos[i*2+1] - tgt->pos[i*2]) * (uint64_t)BLOCKSIZE;
if (ioctl(fd, BLKDISCARD, &range) < 0) {
printf(" blkdiscard failed: %s\n", strerror(errno));
}
}
free(tgt);
} else {
printf(" ignoring erase (not block device)\n");
}
} else {
fprintf(stderr, "unknown transfer style \"%s\"\n", style);
exit(1);
}
}
pthread_join(new_data_thread, NULL);
success = true;
free(buffer);
printf("wrote %d blocks; expected %d\n", blocks_so_far, total_blocks);
printf("max alloc needed was %zu\n", buffer_alloc);
done:
free(transfer_list);
FreeValue(blockdev_filename);
FreeValue(transfer_list_value);
FreeValue(new_data_fn);
FreeValue(patch_data_fn);
return StringValue(success ? strdup("t") : strdup(""));
}
Value* UpdateFn(const char* name, State* state, int argc, Expr* argv[]) {
if (argc != 7) {
return ErrorAbort(state, "%s() expects 7 args, got %d", name, argc);
}
char* type = strrchr(name, '_');
if (type == NULL || *(type+1) == '\0') {
return ErrorAbort(state, "%s() couldn't get type from function name",
name);
}
++type;
Value* image;
Value* width_string;
Value* height_string;
Value* bpp_string;
Value* busy;
Value* fail;
Value* expected_sha1_string;
if (ReadValueArgs(state, argv, 7, &image,
&width_string, &height_string, &bpp_string,
&busy, &fail, &expected_sha1_string) < 0) {
return NULL;
}
// close the package
ZipArchive* za = ((UpdaterInfo*)(state->cookie))->package_zip;
mzCloseZipArchive(za);
((UpdaterInfo*)(state->cookie))->package_zip = NULL;
// Try to unmount /cache. If we fail (because we're running in an
// older recovery that still has the package file open), try to
// remount it read-only. If that fails, abort.
sync();
scan_mounted_volumes();
MountedVolume* vol = find_mounted_volume_by_mount_point("/cache");
int result = unmount_mounted_volume(vol);
if (result != 0) {
printf("%s(): failed to unmount cache (%d: %s)\n",
name, result, strerror(errno));
result = remount_read_only(vol);
if (result != 0) {
printf("%s(): failed to remount cache (%d: %s)\n",
name, result, strerror(errno));
return StringValue(strdup(""));
} else {
printf("%s(): remounted cache\n", name);
}
sync();
} else {
printf("%s(): unmounted cache\n", name);
}
int width = 0, height = 0, bpp = 0;
if (width_string->type != VAL_STRING ||
(width = strtol(width_string->data, NULL, 10)) == 0) {
printf("%s(): bad width argument", name);
}
if (height_string->type != VAL_STRING ||
(height = strtol(height_string->data, NULL, 10)) == 0) {
printf("%s(): bad height argument", name);
}
if (bpp_string->type != VAL_STRING ||
(bpp = strtol(bpp_string->data, NULL, 10)) == 0) {
printf("%s(): bad bpp argument", name);
}
if (image->type != VAL_BLOB) {
printf("image argument is not blob (is type %d)\n", image->type);
goto done;
}
uint8_t expected_sha1[SHA_DIGEST_SIZE];
char* data = expected_sha1_string->data;
if (expected_sha1_string->type != VAL_STRING ||
strlen(data) != SHA_DIGEST_SIZE*2) {
printf("%s(): bad expected_sha1 argument", name);
goto done;
}
printf("expected sha1 is: ");
int i;
for (i = 0; i < SHA_DIGEST_SIZE; ++i) {
char temp = data[i*2+2];
data[i*2+2] = '\0';
expected_sha1[i] = strtol(data+i*2, NULL, 16);
data[i*2+2] = temp;
printf("%02x", expected_sha1[i]);
}
printf("\n");
install_firmware_update(
type,
image->data,
image->size,
width, height, bpp,
busy->size > 0 ? busy->data : NULL,
fail->size > 0 ? fail->data : NULL,
"/tmp/recovery.log",
expected_sha1);
printf("%s: install_firmware_update returned!\n", name);
done:
FreeValue(image);
FreeValue(width_string);
FreeValue(height_string);
FreeValue(bpp_string);
FreeValue(busy);
FreeValue(fail);
// install_firmware_update should reboot. If it returns, it failed.
return StringValue(strdup(""));
}
