| # Copyright (C) 2008 The Android Open Source Project |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| |
| from __future__ import print_function |
| |
| import base64 |
| import collections |
| import copy |
| import errno |
| import fnmatch |
| import getopt |
| import getpass |
| import gzip |
| import imp |
| import json |
| import logging |
| import logging.config |
| import os |
| import platform |
| import re |
| import shlex |
| import shutil |
| import subprocess |
| import sys |
| import tempfile |
| import threading |
| import time |
| import zipfile |
| from hashlib import sha1, sha256 |
| |
| import images |
| import sparse_img |
| from blockimgdiff import BlockImageDiff |
| |
| logger = logging.getLogger(__name__) |
| |
| |
| class Options(object): |
| |
| def __init__(self): |
| # Set up search path, in order to find framework/ and lib64/. At the time of |
| # running this function, user-supplied search path (`--path`) hasn't been |
| # available. So the value set here is the default, which might be overridden |
| # by commandline flag later. |
| exec_path = sys.argv[0] |
| if exec_path.endswith('.py'): |
| script_name = os.path.basename(exec_path) |
| # logger hasn't been initialized yet at this point. Use print to output |
| # warnings. |
| print( |
| 'Warning: releasetools script should be invoked as hermetic Python ' |
| 'executable -- build and run `{}` directly.'.format(script_name[:-3]), |
| file=sys.stderr) |
| self.search_path = os.path.realpath(os.path.join(os.path.dirname(exec_path), '..')) |
| |
| self.signapk_path = "framework/signapk.jar" # Relative to search_path |
| self.signapk_shared_library_path = "lib64" # Relative to search_path |
| self.extra_signapk_args = [] |
| self.java_path = "java" # Use the one on the path by default. |
| self.java_args = ["-Xmx2048m"] # The default JVM args. |
| self.android_jar_path = None |
| self.public_key_suffix = ".x509.pem" |
| self.private_key_suffix = ".pk8" |
| # use otatools built boot_signer by default |
| self.boot_signer_path = "boot_signer" |
| self.boot_signer_args = [] |
| self.verity_signer_path = None |
| self.verity_signer_args = [] |
| self.aftl_server = None |
| self.aftl_key_path = None |
| self.aftl_manufacturer_key_path = None |
| self.aftl_signer_helper = None |
| self.verbose = False |
| self.tempfiles = [] |
| self.device_specific = None |
| self.extras = {} |
| self.info_dict = None |
| self.source_info_dict = None |
| self.target_info_dict = None |
| self.worker_threads = None |
| # Stash size cannot exceed cache_size * threshold. |
| self.cache_size = None |
| self.stash_threshold = 0.8 |
| self.logfile = None |
| |
| |
| OPTIONS = Options() |
| |
| # The block size that's used across the releasetools scripts. |
| BLOCK_SIZE = 4096 |
| |
| # Values for "certificate" in apkcerts that mean special things. |
| SPECIAL_CERT_STRINGS = ("PRESIGNED", "EXTERNAL") |
| |
| # The partitions allowed to be signed by AVB (Android Verified Boot 2.0). Note |
| # that system_other is not in the list because we don't want to include its |
| # descriptor into vbmeta.img. |
| AVB_PARTITIONS = ('boot', 'dtbo', 'odm', 'product', 'recovery', 'system', |
| 'system_ext', 'vendor', 'vendor_boot') |
| |
| # Chained VBMeta partitions. |
| AVB_VBMETA_PARTITIONS = ('vbmeta_system', 'vbmeta_vendor') |
| |
| # Partitions that should have their care_map added to META/care_map.pb |
| PARTITIONS_WITH_CARE_MAP = ('system', 'vendor', 'product', 'system_ext', 'odm') |
| |
| |
| class ErrorCode(object): |
| """Define error_codes for failures that happen during the actual |
| update package installation. |
| |
| Error codes 0-999 are reserved for failures before the package |
| installation (i.e. low battery, package verification failure). |
| Detailed code in 'bootable/recovery/error_code.h' """ |
| |
| SYSTEM_VERIFICATION_FAILURE = 1000 |
| SYSTEM_UPDATE_FAILURE = 1001 |
| SYSTEM_UNEXPECTED_CONTENTS = 1002 |
| SYSTEM_NONZERO_CONTENTS = 1003 |
| SYSTEM_RECOVER_FAILURE = 1004 |
| VENDOR_VERIFICATION_FAILURE = 2000 |
| VENDOR_UPDATE_FAILURE = 2001 |
| VENDOR_UNEXPECTED_CONTENTS = 2002 |
| VENDOR_NONZERO_CONTENTS = 2003 |
| VENDOR_RECOVER_FAILURE = 2004 |
| OEM_PROP_MISMATCH = 3000 |
| FINGERPRINT_MISMATCH = 3001 |
| THUMBPRINT_MISMATCH = 3002 |
| OLDER_BUILD = 3003 |
| DEVICE_MISMATCH = 3004 |
| BAD_PATCH_FILE = 3005 |
| INSUFFICIENT_CACHE_SPACE = 3006 |
| TUNE_PARTITION_FAILURE = 3007 |
| APPLY_PATCH_FAILURE = 3008 |
| |
| |
| class ExternalError(RuntimeError): |
| pass |
| |
| |
| def InitLogging(): |
| DEFAULT_LOGGING_CONFIG = { |
| 'version': 1, |
| 'disable_existing_loggers': False, |
| 'formatters': { |
| 'standard': { |
| 'format': |
| '%(asctime)s - %(filename)s - %(levelname)-8s: %(message)s', |
| 'datefmt': '%Y-%m-%d %H:%M:%S', |
| }, |
| }, |
| 'handlers': { |
| 'default': { |
| 'class': 'logging.StreamHandler', |
| 'formatter': 'standard', |
| 'level': 'WARNING', |
| }, |
| }, |
| 'loggers': { |
| '': { |
| 'handlers': ['default'], |
| 'propagate': True, |
| 'level': 'INFO', |
| } |
| } |
| } |
| env_config = os.getenv('LOGGING_CONFIG') |
| if env_config: |
| with open(env_config) as f: |
| config = json.load(f) |
| else: |
| config = DEFAULT_LOGGING_CONFIG |
| |
| # Increase the logging level for verbose mode. |
| if OPTIONS.verbose: |
| config = copy.deepcopy(config) |
| config['handlers']['default']['level'] = 'INFO' |
| |
| if OPTIONS.logfile: |
| config = copy.deepcopy(config) |
| config['handlers']['logfile'] = { |
| 'class': 'logging.FileHandler', |
| 'formatter': 'standard', |
| 'level': 'INFO', |
| 'mode': 'w', |
| 'filename': OPTIONS.logfile, |
| } |
| config['loggers']['']['handlers'].append('logfile') |
| |
| logging.config.dictConfig(config) |
| |
| |
| def Run(args, verbose=None, **kwargs): |
| """Creates and returns a subprocess.Popen object. |
| |
| Args: |
| args: The command represented as a list of strings. |
| verbose: Whether the commands should be shown. Default to the global |
| verbosity if unspecified. |
| kwargs: Any additional args to be passed to subprocess.Popen(), such as env, |
| stdin, etc. stdout and stderr will default to subprocess.PIPE and |
| subprocess.STDOUT respectively unless caller specifies any of them. |
| universal_newlines will default to True, as most of the users in |
| releasetools expect string output. |
| |
| Returns: |
| A subprocess.Popen object. |
| """ |
| if 'stdout' not in kwargs and 'stderr' not in kwargs: |
| kwargs['stdout'] = subprocess.PIPE |
| kwargs['stderr'] = subprocess.STDOUT |
| if 'universal_newlines' not in kwargs: |
| kwargs['universal_newlines'] = True |
| # Don't log any if caller explicitly says so. |
| if verbose != False: |
| logger.info(" Running: \"%s\"", " ".join(args)) |
| return subprocess.Popen(args, **kwargs) |
| |
| |
| def RunAndWait(args, verbose=None, **kwargs): |
| """Runs the given command waiting for it to complete. |
| |
| Args: |
| args: The command represented as a list of strings. |
| verbose: Whether the commands should be shown. Default to the global |
| verbosity if unspecified. |
| kwargs: Any additional args to be passed to subprocess.Popen(), such as env, |
| stdin, etc. stdout and stderr will default to subprocess.PIPE and |
| subprocess.STDOUT respectively unless caller specifies any of them. |
| |
| Raises: |
| ExternalError: On non-zero exit from the command. |
| """ |
| proc = Run(args, verbose=verbose, **kwargs) |
| proc.wait() |
| |
| if proc.returncode != 0: |
| raise ExternalError( |
| "Failed to run command '{}' (exit code {})".format( |
| args, proc.returncode)) |
| |
| |
| def RunAndCheckOutput(args, verbose=None, **kwargs): |
| """Runs the given command and returns the output. |
| |
| Args: |
| args: The command represented as a list of strings. |
| verbose: Whether the commands should be shown. Default to the global |
| verbosity if unspecified. |
| kwargs: Any additional args to be passed to subprocess.Popen(), such as env, |
| stdin, etc. stdout and stderr will default to subprocess.PIPE and |
| subprocess.STDOUT respectively unless caller specifies any of them. |
| |
| Returns: |
| The output string. |
| |
| Raises: |
| ExternalError: On non-zero exit from the command. |
| """ |
| proc = Run(args, verbose=verbose, **kwargs) |
| output, _ = proc.communicate() |
| if output is None: |
| output = "" |
| # Don't log any if caller explicitly says so. |
| if verbose != False: |
| logger.info("%s", output.rstrip()) |
| if proc.returncode != 0: |
| raise ExternalError( |
| "Failed to run command '{}' (exit code {}):\n{}".format( |
| args, proc.returncode, output)) |
| return output |
| |
| |
| def RoundUpTo4K(value): |
| rounded_up = value + 4095 |
| return rounded_up - (rounded_up % 4096) |
| |
| |
| def CloseInheritedPipes(): |
| """ Gmake in MAC OS has file descriptor (PIPE) leak. We close those fds |
| before doing other work.""" |
| if platform.system() != "Darwin": |
| return |
| for d in range(3, 1025): |
| try: |
| stat = os.fstat(d) |
| if stat is not None: |
| pipebit = stat[0] & 0x1000 |
| if pipebit != 0: |
| os.close(d) |
| except OSError: |
| pass |
| |
| |
| class BuildInfo(object): |
| """A class that holds the information for a given build. |
| |
| This class wraps up the property querying for a given source or target build. |
| It abstracts away the logic of handling OEM-specific properties, and caches |
| the commonly used properties such as fingerprint. |
| |
| There are two types of info dicts: a) build-time info dict, which is generated |
| at build time (i.e. included in a target_files zip); b) OEM info dict that is |
| specified at package generation time (via command line argument |
| '--oem_settings'). If a build doesn't use OEM-specific properties (i.e. not |
| having "oem_fingerprint_properties" in build-time info dict), all the queries |
| would be answered based on build-time info dict only. Otherwise if using |
| OEM-specific properties, some of them will be calculated from two info dicts. |
| |
| Users can query properties similarly as using a dict() (e.g. info['fstab']), |
| or to query build properties via GetBuildProp() or GetPartitionBuildProp(). |
| |
| Attributes: |
| info_dict: The build-time info dict. |
| is_ab: Whether it's a build that uses A/B OTA. |
| oem_dicts: A list of OEM dicts. |
| oem_props: A list of OEM properties that should be read from OEM dicts; None |
| if the build doesn't use any OEM-specific property. |
| fingerprint: The fingerprint of the build, which would be calculated based |
| on OEM properties if applicable. |
| device: The device name, which could come from OEM dicts if applicable. |
| """ |
| |
| _RO_PRODUCT_RESOLVE_PROPS = ["ro.product.brand", "ro.product.device", |
| "ro.product.manufacturer", "ro.product.model", |
| "ro.product.name"] |
| _RO_PRODUCT_PROPS_DEFAULT_SOURCE_ORDER_CURRENT = [ |
| "product", "odm", "vendor", "system_ext", "system"] |
| _RO_PRODUCT_PROPS_DEFAULT_SOURCE_ORDER_ANDROID_10 = [ |
| "product", "product_services", "odm", "vendor", "system"] |
| _RO_PRODUCT_PROPS_DEFAULT_SOURCE_ORDER_LEGACY = [] |
| |
| def __init__(self, info_dict, oem_dicts=None): |
| """Initializes a BuildInfo instance with the given dicts. |
| |
| Note that it only wraps up the given dicts, without making copies. |
| |
| Arguments: |
| info_dict: The build-time info dict. |
| oem_dicts: A list of OEM dicts (which is parsed from --oem_settings). Note |
| that it always uses the first dict to calculate the fingerprint or the |
| device name. The rest would be used for asserting OEM properties only |
| (e.g. one package can be installed on one of these devices). |
| |
| Raises: |
| ValueError: On invalid inputs. |
| """ |
| self.info_dict = info_dict |
| self.oem_dicts = oem_dicts |
| |
| self._is_ab = info_dict.get("ab_update") == "true" |
| |
| # Skip _oem_props if oem_dicts is None to use BuildInfo in |
| # sign_target_files_apks |
| if self.oem_dicts: |
| self._oem_props = info_dict.get("oem_fingerprint_properties") |
| else: |
| self._oem_props = None |
| |
| def check_fingerprint(fingerprint): |
| if (" " in fingerprint or any(ord(ch) > 127 for ch in fingerprint)): |
| raise ValueError( |
| 'Invalid build fingerprint: "{}". See the requirement in Android CDD ' |
| "3.2.2. Build Parameters.".format(fingerprint)) |
| |
| |
| self._partition_fingerprints = {} |
| for partition in PARTITIONS_WITH_CARE_MAP: |
| try: |
| fingerprint = self.CalculatePartitionFingerprint(partition) |
| check_fingerprint(fingerprint) |
| self._partition_fingerprints[partition] = fingerprint |
| except ExternalError: |
| continue |
| if "system" in self._partition_fingerprints: |
| # system_other is not included in PARTITIONS_WITH_CARE_MAP, but does |
| # need a fingerprint when creating the image. |
| self._partition_fingerprints[ |
| "system_other"] = self._partition_fingerprints["system"] |
| |
| # These two should be computed only after setting self._oem_props. |
| self._device = self.GetOemProperty("ro.product.device") |
| self._fingerprint = self.CalculateFingerprint() |
| check_fingerprint(self._fingerprint) |
| |
| @property |
| def is_ab(self): |
| return self._is_ab |
| |
| @property |
| def device(self): |
| return self._device |
| |
| @property |
| def fingerprint(self): |
| return self._fingerprint |
| |
| @property |
| def oem_props(self): |
| return self._oem_props |
| |
| def __getitem__(self, key): |
| return self.info_dict[key] |
| |
| def __setitem__(self, key, value): |
| self.info_dict[key] = value |
| |
| def get(self, key, default=None): |
| return self.info_dict.get(key, default) |
| |
| def items(self): |
| return self.info_dict.items() |
| |
| def _GetRawBuildProp(self, prop, partition): |
| prop_file = '{}.build.prop'.format( |
| partition) if partition else 'build.prop' |
| partition_props = self.info_dict.get(prop_file) |
| if not partition_props: |
| return None |
| return partition_props.GetProp(prop) |
| |
| def GetPartitionBuildProp(self, prop, partition): |
| """Returns the inquired build property for the provided partition.""" |
| # If provided a partition for this property, only look within that |
| # partition's build.prop. |
| if prop in BuildInfo._RO_PRODUCT_RESOLVE_PROPS: |
| prop = prop.replace("ro.product", "ro.product.{}".format(partition)) |
| else: |
| prop = prop.replace("ro.", "ro.{}.".format(partition)) |
| |
| prop_val = self._GetRawBuildProp(prop, partition) |
| if prop_val is not None: |
| return prop_val |
| raise ExternalError("couldn't find %s in %s.build.prop" % |
| (prop, partition)) |
| |
| def GetBuildProp(self, prop): |
| """Returns the inquired build property from the standard build.prop file.""" |
| if prop in BuildInfo._RO_PRODUCT_RESOLVE_PROPS: |
| return self._ResolveRoProductBuildProp(prop) |
| |
| prop_val = self._GetRawBuildProp(prop, None) |
| if prop_val is not None: |
| return prop_val |
| |
| raise ExternalError("couldn't find %s in build.prop" % (prop,)) |
| |
| def _ResolveRoProductBuildProp(self, prop): |
| """Resolves the inquired ro.product.* build property""" |
| prop_val = self._GetRawBuildProp(prop, None) |
| if prop_val: |
| return prop_val |
| |
| default_source_order = self._GetRoProductPropsDefaultSourceOrder() |
| source_order_val = self._GetRawBuildProp( |
| "ro.product.property_source_order", None) |
| if source_order_val: |
| source_order = source_order_val.split(",") |
| else: |
| source_order = default_source_order |
| |
| # Check that all sources in ro.product.property_source_order are valid |
| if any([x not in default_source_order for x in source_order]): |
| raise ExternalError( |
| "Invalid ro.product.property_source_order '{}'".format(source_order)) |
| |
| for source_partition in source_order: |
| source_prop = prop.replace( |
| "ro.product", "ro.product.{}".format(source_partition), 1) |
| prop_val = self._GetRawBuildProp(source_prop, source_partition) |
| if prop_val: |
| return prop_val |
| |
| raise ExternalError("couldn't resolve {}".format(prop)) |
| |
| def _GetRoProductPropsDefaultSourceOrder(self): |
| # NOTE: refer to CDDs and android.os.Build.VERSION for the definition and |
| # values of these properties for each Android release. |
| android_codename = self._GetRawBuildProp("ro.build.version.codename", None) |
| if android_codename == "REL": |
| android_version = self._GetRawBuildProp("ro.build.version.release", None) |
| if android_version == "10": |
| return BuildInfo._RO_PRODUCT_PROPS_DEFAULT_SOURCE_ORDER_ANDROID_10 |
| # NOTE: float() conversion of android_version will have rounding error. |
| # We are checking for "9" or less, and using "< 10" is well outside of |
| # possible floating point rounding. |
| try: |
| android_version_val = float(android_version) |
| except ValueError: |
| android_version_val = 0 |
| if android_version_val < 10: |
| return BuildInfo._RO_PRODUCT_PROPS_DEFAULT_SOURCE_ORDER_LEGACY |
| return BuildInfo._RO_PRODUCT_PROPS_DEFAULT_SOURCE_ORDER_CURRENT |
| |
| def GetOemProperty(self, key): |
| if self.oem_props is not None and key in self.oem_props: |
| return self.oem_dicts[0][key] |
| return self.GetBuildProp(key) |
| |
| def GetPartitionFingerprint(self, partition): |
| return self._partition_fingerprints.get(partition, None) |
| |
| def CalculatePartitionFingerprint(self, partition): |
| try: |
| return self.GetPartitionBuildProp("ro.build.fingerprint", partition) |
| except ExternalError: |
| return "{}/{}/{}:{}/{}/{}:{}/{}".format( |
| self.GetPartitionBuildProp("ro.product.brand", partition), |
| self.GetPartitionBuildProp("ro.product.name", partition), |
| self.GetPartitionBuildProp("ro.product.device", partition), |
| self.GetPartitionBuildProp("ro.build.version.release", partition), |
| self.GetPartitionBuildProp("ro.build.id", partition), |
| self.GetPartitionBuildProp("ro.build.version.incremental", partition), |
| self.GetPartitionBuildProp("ro.build.type", partition), |
| self.GetPartitionBuildProp("ro.build.tags", partition)) |
| |
| def CalculateFingerprint(self): |
| if self.oem_props is None: |
| try: |
| return self.GetBuildProp("ro.build.fingerprint") |
| except ExternalError: |
| return "{}/{}/{}:{}/{}/{}:{}/{}".format( |
| self.GetBuildProp("ro.product.brand"), |
| self.GetBuildProp("ro.product.name"), |
| self.GetBuildProp("ro.product.device"), |
| self.GetBuildProp("ro.build.version.release"), |
| self.GetBuildProp("ro.build.id"), |
| self.GetBuildProp("ro.build.version.incremental"), |
| self.GetBuildProp("ro.build.type"), |
| self.GetBuildProp("ro.build.tags")) |
| return "%s/%s/%s:%s" % ( |
| self.GetOemProperty("ro.product.brand"), |
| self.GetOemProperty("ro.product.name"), |
| self.GetOemProperty("ro.product.device"), |
| self.GetBuildProp("ro.build.thumbprint")) |
| |
| def WriteMountOemScript(self, script): |
| assert self.oem_props is not None |
| recovery_mount_options = self.info_dict.get("recovery_mount_options") |
| script.Mount("/oem", recovery_mount_options) |
| |
| def WriteDeviceAssertions(self, script, oem_no_mount): |
| # Read the property directly if not using OEM properties. |
| if not self.oem_props: |
| script.AssertDevice(self.device) |
| return |
| |
| # Otherwise assert OEM properties. |
| if not self.oem_dicts: |
| raise ExternalError( |
| "No OEM file provided to answer expected assertions") |
| |
| for prop in self.oem_props.split(): |
| values = [] |
| for oem_dict in self.oem_dicts: |
| if prop in oem_dict: |
| values.append(oem_dict[prop]) |
| if not values: |
| raise ExternalError( |
| "The OEM file is missing the property %s" % (prop,)) |
| script.AssertOemProperty(prop, values, oem_no_mount) |
| |
| |
| def ReadFromInputFile(input_file, fn): |
| """Reads the contents of fn from input zipfile or directory.""" |
| if isinstance(input_file, zipfile.ZipFile): |
| return input_file.read(fn).decode() |
| else: |
| path = os.path.join(input_file, *fn.split("/")) |
| try: |
| with open(path) as f: |
| return f.read() |
| except IOError as e: |
| if e.errno == errno.ENOENT: |
| raise KeyError(fn) |
| |
| |
| def LoadInfoDict(input_file, repacking=False): |
| """Loads the key/value pairs from the given input target_files. |
| |
| It reads `META/misc_info.txt` file in the target_files input, does sanity |
| checks and returns the parsed key/value pairs for to the given build. It's |
| usually called early when working on input target_files files, e.g. when |
| generating OTAs, or signing builds. Note that the function may be called |
| against an old target_files file (i.e. from past dessert releases). So the |
| property parsing needs to be backward compatible. |
| |
| In a `META/misc_info.txt`, a few properties are stored as links to the files |
| in the PRODUCT_OUT directory. It works fine with the build system. However, |
| they are no longer available when (re)generating images from target_files zip. |
| When `repacking` is True, redirect these properties to the actual files in the |
| unzipped directory. |
| |
| Args: |
| input_file: The input target_files file, which could be an open |
| zipfile.ZipFile instance, or a str for the dir that contains the files |
| unzipped from a target_files file. |
| repacking: Whether it's trying repack an target_files file after loading the |
| info dict (default: False). If so, it will rewrite a few loaded |
| properties (e.g. selinux_fc, root_dir) to point to the actual files in |
| target_files file. When doing repacking, `input_file` must be a dir. |
| |
| Returns: |
| A dict that contains the parsed key/value pairs. |
| |
| Raises: |
| AssertionError: On invalid input arguments. |
| ValueError: On malformed input values. |
| """ |
| if repacking: |
| assert isinstance(input_file, str), \ |
| "input_file must be a path str when doing repacking" |
| |
| def read_helper(fn): |
| return ReadFromInputFile(input_file, fn) |
| |
| try: |
| d = LoadDictionaryFromLines(read_helper("META/misc_info.txt").split("\n")) |
| except KeyError: |
| raise ValueError("Failed to find META/misc_info.txt in input target-files") |
| |
| if "recovery_api_version" not in d: |
| raise ValueError("Failed to find 'recovery_api_version'") |
| if "fstab_version" not in d: |
| raise ValueError("Failed to find 'fstab_version'") |
| |
| if repacking: |
| # "selinux_fc" properties should point to the file_contexts files |
| # (file_contexts.bin) under META/. |
| for key in d: |
| if key.endswith("selinux_fc"): |
| fc_basename = os.path.basename(d[key]) |
| fc_config = os.path.join(input_file, "META", fc_basename) |
| assert os.path.exists(fc_config) |
| |
| d[key] = fc_config |
| |
| # Similarly we need to redirect "root_dir", and "root_fs_config". |
| d["root_dir"] = os.path.join(input_file, "ROOT") |
| d["root_fs_config"] = os.path.join( |
| input_file, "META", "root_filesystem_config.txt") |
| |
| # Redirect {partition}_base_fs_file for each of the named partitions. |
| for part_name in ["system", "vendor", "system_ext", "product", "odm"]: |
| key_name = part_name + "_base_fs_file" |
| if key_name not in d: |
| continue |
| basename = os.path.basename(d[key_name]) |
| base_fs_file = os.path.join(input_file, "META", basename) |
| if os.path.exists(base_fs_file): |
| d[key_name] = base_fs_file |
| else: |
| logger.warning( |
| "Failed to find %s base fs file: %s", part_name, base_fs_file) |
| del d[key_name] |
| |
| def makeint(key): |
| if key in d: |
| d[key] = int(d[key], 0) |
| |
| makeint("recovery_api_version") |
| makeint("blocksize") |
| makeint("system_size") |
| makeint("vendor_size") |
| makeint("userdata_size") |
| makeint("cache_size") |
| makeint("recovery_size") |
| makeint("fstab_version") |
| |
| boot_images = "boot.img" |
| if "boot_images" in d: |
| boot_images = d["boot_images"] |
| for b in boot_images.split(): |
| makeint(b.replace(".img","_size")) |
| |
| # Load recovery fstab if applicable. |
| d["fstab"] = _FindAndLoadRecoveryFstab(d, input_file, read_helper) |
| |
| # Tries to load the build props for all partitions with care_map, including |
| # system and vendor. |
| for partition in PARTITIONS_WITH_CARE_MAP: |
| partition_prop = "{}.build.prop".format(partition) |
| d[partition_prop] = PartitionBuildProps.FromInputFile( |
| input_file, partition) |
| d["build.prop"] = d["system.build.prop"] |
| |
| # Set up the salt (based on fingerprint) that will be used when adding AVB |
| # hash / hashtree footers. |
| if d.get("avb_enable") == "true": |
| build_info = BuildInfo(d) |
| for partition in PARTITIONS_WITH_CARE_MAP: |
| fingerprint = build_info.GetPartitionFingerprint(partition) |
| if fingerprint: |
| d["avb_{}_salt".format(partition)] = sha256(fingerprint).hexdigest() |
| |
| return d |
| |
| |
| def LoadListFromFile(file_path): |
| with open(file_path) as f: |
| return f.read().splitlines() |
| |
| |
| def LoadDictionaryFromFile(file_path): |
| lines = LoadListFromFile(file_path) |
| return LoadDictionaryFromLines(lines) |
| |
| |
| def LoadDictionaryFromLines(lines): |
| d = {} |
| for line in lines: |
| line = line.strip() |
| if not line or line.startswith("#"): |
| continue |
| if "=" in line: |
| name, value = line.split("=", 1) |
| d[name] = value |
| return d |
| |
| |
| class PartitionBuildProps(object): |
| """The class holds the build prop of a particular partition. |
| |
| This class loads the build.prop and holds the build properties for a given |
| partition. It also partially recognizes the 'import' statement in the |
| build.prop; and calculates alternative values of some specific build |
| properties during runtime. |
| |
| Attributes: |
| input_file: a zipped target-file or an unzipped target-file directory. |
| partition: name of the partition. |
| props_allow_override: a list of build properties to search for the |
| alternative values during runtime. |
| build_props: a dict of build properties for the given partition. |
| prop_overrides: a set of props that are overridden by import. |
| placeholder_values: A dict of runtime variables' values to replace the |
| placeholders in the build.prop file. We expect exactly one value for |
| each of the variables. |
| """ |
| def __init__(self, input_file, name, placeholder_values=None): |
| self.input_file = input_file |
| self.partition = name |
| self.props_allow_override = [props.format(name) for props in [ |
| 'ro.product.{}.brand', 'ro.product.{}.name', 'ro.product.{}.device']] |
| self.build_props = {} |
| self.prop_overrides = set() |
| self.placeholder_values = {} |
| if placeholder_values: |
| self.placeholder_values = copy.deepcopy(placeholder_values) |
| |
| @staticmethod |
| def FromDictionary(name, build_props): |
| """Constructs an instance from a build prop dictionary.""" |
| |
| props = PartitionBuildProps("unknown", name) |
| props.build_props = build_props.copy() |
| return props |
| |
| @staticmethod |
| def FromInputFile(input_file, name, placeholder_values=None): |
| """Loads the build.prop file and builds the attributes.""" |
| data = '' |
| for prop_file in ['{}/etc/build.prop'.format(name.upper()), |
| '{}/build.prop'.format(name.upper())]: |
| try: |
| data = ReadFromInputFile(input_file, prop_file) |
| break |
| except KeyError: |
| logger.warning('Failed to read %s', prop_file) |
| |
| props = PartitionBuildProps(input_file, name, placeholder_values) |
| props._LoadBuildProp(data) |
| return props |
| |
| def _LoadBuildProp(self, data): |
| for line in data.split('\n'): |
| line = line.strip() |
| if not line or line.startswith("#"): |
| continue |
| if line.startswith("import"): |
| overrides = self._ImportParser(line) |
| duplicates = self.prop_overrides.intersection(overrides.keys()) |
| if duplicates: |
| raise ValueError('prop {} is overridden multiple times'.format( |
| ','.join(duplicates))) |
| self.prop_overrides = self.prop_overrides.union(overrides.keys()) |
| self.build_props.update(overrides) |
| elif "=" in line: |
| name, value = line.split("=", 1) |
| if name in self.prop_overrides: |
| raise ValueError('prop {} is set again after overridden by import ' |
| 'statement'.format(name)) |
| self.build_props[name] = value |
| |
| def _ImportParser(self, line): |
| """Parses the build prop in a given import statement.""" |
| |
| tokens = line.split() |
| if tokens[0] != 'import' or (len(tokens) != 2 and len(tokens) != 3) : |
| raise ValueError('Unrecognized import statement {}'.format(line)) |
| |
| if len(tokens) == 3: |
| logger.info("Import %s from %s, skip", tokens[2], tokens[1]) |
| return {} |
| |
| import_path = tokens[1] |
| if not re.match(r'^/{}/.*\.prop$'.format(self.partition), import_path): |
| raise ValueError('Unrecognized import path {}'.format(line)) |
| |
| # We only recognize a subset of import statement that the init process |
| # supports. And we can loose the restriction based on how the dynamic |
| # fingerprint is used in practice. The placeholder format should be |
| # ${placeholder}, and its value should be provided by the caller through |
| # the placeholder_values. |
| for prop, value in self.placeholder_values.items(): |
| prop_place_holder = '${{{}}}'.format(prop) |
| if prop_place_holder in import_path: |
| import_path = import_path.replace(prop_place_holder, value) |
| if '$' in import_path: |
| logger.info('Unresolved place holder in import path %s', import_path) |
| return {} |
| |
| import_path = import_path.replace('/{}'.format(self.partition), |
| self.partition.upper()) |
| logger.info('Parsing build props override from %s', import_path) |
| |
| lines = ReadFromInputFile(self.input_file, import_path).split('\n') |
| d = LoadDictionaryFromLines(lines) |
| return {key: val for key, val in d.items() |
| if key in self.props_allow_override} |
| |
| def GetProp(self, prop): |
| return self.build_props.get(prop) |
| |
| |
| def LoadRecoveryFSTab(read_helper, fstab_version, recovery_fstab_path, |
| system_root_image=False): |
| class Partition(object): |
| def __init__(self, mount_point, fs_type, device, length, context, slotselect): |
| self.mount_point = mount_point |
| self.fs_type = fs_type |
| self.device = device |
| self.length = length |
| self.context = context |
| self.slotselect = slotselect |
| |
| try: |
| data = read_helper(recovery_fstab_path) |
| except KeyError: |
| logger.warning("Failed to find %s", recovery_fstab_path) |
| data = "" |
| |
| assert fstab_version == 2 |
| |
| d = {} |
| for line in data.split("\n"): |
| line = line.strip() |
| if not line or line.startswith("#"): |
| continue |
| |
| # <src> <mnt_point> <type> <mnt_flags and options> <fs_mgr_flags> |
| pieces = line.split() |
| if len(pieces) != 5: |
| raise ValueError("malformed recovery.fstab line: \"%s\"" % (line,)) |
| |
| # Ignore entries that are managed by vold. |
| options = pieces[4] |
| if "voldmanaged=" in options: |
| continue |
| |
| # It's a good line, parse it. |
| length = 0 |
| slotselect = False |
| options = options.split(",") |
| for i in options: |
| if i.startswith("length="): |
| length = int(i[7:]) |
| elif i == "slotselect": |
| slotselect = True |
| else: |
| # Ignore all unknown options in the unified fstab. |
| continue |
| |
| mount_flags = pieces[3] |
| # Honor the SELinux context if present. |
| context = None |
| for i in mount_flags.split(","): |
| if i.startswith("context="): |
| context = i |
| |
| mount_point = pieces[1] |
| d[mount_point] = Partition(mount_point=mount_point, fs_type=pieces[2], |
| device=pieces[0], length=length, context=context, |
| slotselect=slotselect) |
| |
| # / is used for the system mount point when the root directory is included in |
| # system. Other areas assume system is always at "/system" so point /system |
| # at /. |
| if system_root_image: |
| assert '/system' not in d and '/' in d |
| d["/system"] = d["/"] |
| return d |
| |
| |
| def _FindAndLoadRecoveryFstab(info_dict, input_file, read_helper): |
| """Finds the path to recovery fstab and loads its contents.""" |
| # recovery fstab is only meaningful when installing an update via recovery |
| # (i.e. non-A/B OTA). Skip loading fstab if device used A/B OTA. |
| if info_dict.get('ab_update') == 'true' and \ |
| info_dict.get("allow_non_ab") != "true": |
| return None |
| |
| # We changed recovery.fstab path in Q, from ../RAMDISK/etc/recovery.fstab to |
| # ../RAMDISK/system/etc/recovery.fstab. This function has to handle both |
| # cases, since it may load the info_dict from an old build (e.g. when |
| # generating incremental OTAs from that build). |
| system_root_image = info_dict.get('system_root_image') == 'true' |
| if info_dict.get('no_recovery') != 'true': |
| recovery_fstab_path = 'RECOVERY/RAMDISK/system/etc/recovery.fstab' |
| if isinstance(input_file, zipfile.ZipFile): |
| if recovery_fstab_path not in input_file.namelist(): |
| recovery_fstab_path = 'RECOVERY/RAMDISK/etc/recovery.fstab' |
| else: |
| path = os.path.join(input_file, *recovery_fstab_path.split('/')) |
| if not os.path.exists(path): |
| recovery_fstab_path = 'RECOVERY/RAMDISK/etc/recovery.fstab' |
| return LoadRecoveryFSTab( |
| read_helper, info_dict['fstab_version'], recovery_fstab_path, |
| system_root_image) |
| |
| if info_dict.get('recovery_as_boot') == 'true': |
| recovery_fstab_path = 'BOOT/RAMDISK/system/etc/recovery.fstab' |
| if isinstance(input_file, zipfile.ZipFile): |
| if recovery_fstab_path not in input_file.namelist(): |
| recovery_fstab_path = 'BOOT/RAMDISK/etc/recovery.fstab' |
| else: |
| path = os.path.join(input_file, *recovery_fstab_path.split('/')) |
| if not os.path.exists(path): |
| recovery_fstab_path = 'BOOT/RAMDISK/etc/recovery.fstab' |
| return LoadRecoveryFSTab( |
| read_helper, info_dict['fstab_version'], recovery_fstab_path, |
| system_root_image) |
| |
| return None |
| |
| |
| def DumpInfoDict(d): |
| for k, v in sorted(d.items()): |
| logger.info("%-25s = (%s) %s", k, type(v).__name__, v) |
| |
| |
| def MergeDynamicPartitionInfoDicts(framework_dict, vendor_dict): |
| """Merges dynamic partition info variables. |
| |
| Args: |
| framework_dict: The dictionary of dynamic partition info variables from the |
| partial framework target files. |
| vendor_dict: The dictionary of dynamic partition info variables from the |
| partial vendor target files. |
| |
| Returns: |
| The merged dynamic partition info dictionary. |
| """ |
| merged_dict = {} |
| # Partition groups and group sizes are defined by the vendor dict because |
| # these values may vary for each board that uses a shared system image. |
| merged_dict["super_partition_groups"] = vendor_dict["super_partition_groups"] |
| framework_dynamic_partition_list = framework_dict.get( |
| "dynamic_partition_list", "") |
| vendor_dynamic_partition_list = vendor_dict.get("dynamic_partition_list", "") |
| merged_dict["dynamic_partition_list"] = ("%s %s" % ( |
| framework_dynamic_partition_list, vendor_dynamic_partition_list)).strip() |
| for partition_group in merged_dict["super_partition_groups"].split(" "): |
| # Set the partition group's size using the value from the vendor dict. |
| key = "super_%s_group_size" % partition_group |
| if key not in vendor_dict: |
| raise ValueError("Vendor dict does not contain required key %s." % key) |
| merged_dict[key] = vendor_dict[key] |
| |
| # Set the partition group's partition list using a concatenation of the |
| # framework and vendor partition lists. |
| key = "super_%s_partition_list" % partition_group |
| merged_dict[key] = ( |
| "%s %s" % |
| (framework_dict.get(key, ""), vendor_dict.get(key, ""))).strip() |
| |
| # Pick virtual ab related flags from vendor dict, if defined. |
| if "virtual_ab" in vendor_dict.keys(): |
| merged_dict["virtual_ab"] = vendor_dict["virtual_ab"] |
| if "virtual_ab_retrofit" in vendor_dict.keys(): |
| merged_dict["virtual_ab_retrofit"] = vendor_dict["virtual_ab_retrofit"] |
| return merged_dict |
| |
| |
| def AppendAVBSigningArgs(cmd, partition): |
| """Append signing arguments for avbtool.""" |
| # e.g., "--key path/to/signing_key --algorithm SHA256_RSA4096" |
| key_path = OPTIONS.info_dict.get("avb_" + partition + "_key_path") |
| if key_path and not os.path.exists(key_path) and OPTIONS.search_path: |
| new_key_path = os.path.join(OPTIONS.search_path, key_path) |
| if os.path.exists(new_key_path): |
| key_path = new_key_path |
| algorithm = OPTIONS.info_dict.get("avb_" + partition + "_algorithm") |
| if key_path and algorithm: |
| cmd.extend(["--key", key_path, "--algorithm", algorithm]) |
| avb_salt = OPTIONS.info_dict.get("avb_salt") |
| # make_vbmeta_image doesn't like "--salt" (and it's not needed). |
| if avb_salt and not partition.startswith("vbmeta"): |
| cmd.extend(["--salt", avb_salt]) |
| |
| |
| def GetAvbPartitionArg(partition, image, info_dict=None): |
| """Returns the VBMeta arguments for partition. |
| |
| It sets up the VBMeta argument by including the partition descriptor from the |
| given 'image', or by configuring the partition as a chained partition. |
| |
| Args: |
| partition: The name of the partition (e.g. "system"). |
| image: The path to the partition image. |
| info_dict: A dict returned by common.LoadInfoDict(). Will use |
| OPTIONS.info_dict if None has been given. |
| |
| Returns: |
| A list of VBMeta arguments. |
| """ |
| if info_dict is None: |
| info_dict = OPTIONS.info_dict |
| |
| # Check if chain partition is used. |
| key_path = info_dict.get("avb_" + partition + "_key_path") |
| if not key_path: |
| return ["--include_descriptors_from_image", image] |
| |
| # For a non-A/B device, we don't chain /recovery nor include its descriptor |
| # into vbmeta.img. The recovery image will be configured on an independent |
| # boot chain, to be verified with AVB_SLOT_VERIFY_FLAGS_NO_VBMETA_PARTITION. |
| # See details at |
| # https://android.googlesource.com/platform/external/avb/+/master/README.md#booting-into-recovery. |
| if info_dict.get("ab_update") != "true" and partition == "recovery": |
| return [] |
| |
| # Otherwise chain the partition into vbmeta. |
| chained_partition_arg = GetAvbChainedPartitionArg(partition, info_dict) |
| return ["--chain_partition", chained_partition_arg] |
| |
| |
| def GetAvbChainedPartitionArg(partition, info_dict, key=None): |
| """Constructs and returns the arg to build or verify a chained partition. |
| |
| Args: |
| partition: The partition name. |
| info_dict: The info dict to look up the key info and rollback index |
| location. |
| key: The key to be used for building or verifying the partition. Defaults to |
| the key listed in info_dict. |
| |
| Returns: |
| A string of form "partition:rollback_index_location:key" that can be used to |
| build or verify vbmeta image. |
| """ |
| if key is None: |
| key = info_dict["avb_" + partition + "_key_path"] |
| if key and not os.path.exists(key) and OPTIONS.search_path: |
| new_key_path = os.path.join(OPTIONS.search_path, key) |
| if os.path.exists(new_key_path): |
| key = new_key_path |
| pubkey_path = ExtractAvbPublicKey(info_dict["avb_avbtool"], key) |
| rollback_index_location = info_dict[ |
| "avb_" + partition + "_rollback_index_location"] |
| return "{}:{}:{}".format(partition, rollback_index_location, pubkey_path) |
| |
| |
| def BuildVBMeta(image_path, partitions, name, needed_partitions): |
| """Creates a VBMeta image. |
| |
| It generates the requested VBMeta image. The requested image could be for |
| top-level or chained VBMeta image, which is determined based on the name. |
| |
| Args: |
| image_path: The output path for the new VBMeta image. |
| partitions: A dict that's keyed by partition names with image paths as |
| values. Only valid partition names are accepted, as partitions listed |
| in common.AVB_PARTITIONS and custom partitions listed in |
| OPTIONS.info_dict.get("avb_custom_images_partition_list") |
| name: Name of the VBMeta partition, e.g. 'vbmeta', 'vbmeta_system'. |
| needed_partitions: Partitions whose descriptors should be included into the |
| generated VBMeta image. |
| |
| Raises: |
| AssertionError: On invalid input args. |
| """ |
| avbtool = OPTIONS.info_dict["avb_avbtool"] |
| cmd = [avbtool, "make_vbmeta_image", "--output", image_path] |
| AppendAVBSigningArgs(cmd, name) |
| |
| custom_partitions = OPTIONS.info_dict.get( |
| "avb_custom_images_partition_list", "").strip().split() |
| |
| for partition, path in partitions.items(): |
| if partition not in needed_partitions: |
| continue |
| assert (partition in AVB_PARTITIONS or |
| partition in AVB_VBMETA_PARTITIONS or |
| partition in custom_partitions), \ |
| 'Unknown partition: {}'.format(partition) |
| assert os.path.exists(path), \ |
| 'Failed to find {} for {}'.format(path, partition) |
| cmd.extend(GetAvbPartitionArg(partition, path)) |
| |
| args = OPTIONS.info_dict.get("avb_{}_args".format(name)) |
| if args and args.strip(): |
| split_args = shlex.split(args) |
| for index, arg in enumerate(split_args[:-1]): |
| # Sanity check that the image file exists. Some images might be defined |
| # as a path relative to source tree, which may not be available at the |
| # same location when running this script (we have the input target_files |
| # zip only). For such cases, we additionally scan other locations (e.g. |
| # IMAGES/, RADIO/, etc) before bailing out. |
| if arg == '--include_descriptors_from_image': |
| image_path = split_args[index + 1] |
| if os.path.exists(image_path): |
| continue |
| found = False |
| for dir_name in ['IMAGES', 'RADIO', 'PREBUILT_IMAGES']: |
| alt_path = os.path.join( |
| OPTIONS.input_tmp, dir_name, os.path.basename(image_path)) |
| if os.path.exists(alt_path): |
| split_args[index + 1] = alt_path |
| found = True |
| break |
| assert found, 'Failed to find {}'.format(image_path) |
| cmd.extend(split_args) |
| |
| RunAndCheckOutput(cmd) |
| |
| if OPTIONS.aftl_server is not None: |
| # Ensure the other AFTL parameters are set as well. |
| assert OPTIONS.aftl_key_path is not None, 'No AFTL key provided.' |
| assert OPTIONS.aftl_manufacturer_key_path is not None, 'No AFTL manufacturer key provided.' |
| assert OPTIONS.aftl_signer_helper is not None, 'No AFTL signer helper provided.' |
| # AFTL inclusion proof generation code will go here. |
| |
| def _MakeRamdisk(sourcedir, fs_config_file=None, lz4_ramdisks=False): |
| ramdisk_img = tempfile.NamedTemporaryFile() |
| |
| if fs_config_file is not None and os.access(fs_config_file, os.F_OK): |
| cmd = ["mkbootfs", "-f", fs_config_file, |
| os.path.join(sourcedir, "RAMDISK")] |
| else: |
| cmd = ["mkbootfs", os.path.join(sourcedir, "RAMDISK")] |
| p1 = Run(cmd, stdout=subprocess.PIPE) |
| if lz4_ramdisks: |
| p2 = Run(["lz4", "-l", "-12" , "--favor-decSpeed"], stdin=p1.stdout, |
| stdout=ramdisk_img.file.fileno()) |
| else: |
| p2 = Run(["minigzip"], stdin=p1.stdout, stdout=ramdisk_img.file.fileno()) |
| |
| p2.wait() |
| p1.wait() |
| assert p1.returncode == 0, "mkbootfs of %s ramdisk failed" % (sourcedir,) |
| assert p2.returncode == 0, "compression of %s ramdisk failed" % (sourcedir,) |
| |
| return ramdisk_img |
| |
| |
| def _BuildBootableImage(image_name, sourcedir, fs_config_file, info_dict=None, |
| has_ramdisk=False, two_step_image=False): |
| """Build a bootable image from the specified sourcedir. |
| |
| Take a kernel, cmdline, and optionally a ramdisk directory from the input (in |
| 'sourcedir'), and turn them into a boot image. 'two_step_image' indicates if |
| we are building a two-step special image (i.e. building a recovery image to |
| be loaded into /boot in two-step OTAs). |
| |
| Return the image data, or None if sourcedir does not appear to contains files |
| for building the requested image. |
| """ |
| |
| # "boot" or "recovery", without extension. |
| partition_name = os.path.basename(sourcedir).lower() |
| |
| if partition_name == "recovery": |
| kernel = "kernel" |
| else: |
| kernel = image_name.replace("boot", "kernel") |
| kernel = kernel.replace(".img","") |
| if not os.access(os.path.join(sourcedir, kernel), os.F_OK): |
| return None |
| |
| if has_ramdisk and not os.access(os.path.join(sourcedir, "RAMDISK"), os.F_OK): |
| return None |
| |
| if info_dict is None: |
| info_dict = OPTIONS.info_dict |
| |
| img = tempfile.NamedTemporaryFile() |
| |
| if has_ramdisk: |
| use_lz4 = info_dict.get("lz4_ramdisks") == 'true' |
| ramdisk_img = _MakeRamdisk(sourcedir, fs_config_file, lz4_ramdisks=use_lz4) |
| |
| # use MKBOOTIMG from environ, or "mkbootimg" if empty or not set |
| mkbootimg = os.getenv('MKBOOTIMG') or "mkbootimg" |
| |
| cmd = [mkbootimg, "--kernel", os.path.join(sourcedir, kernel)] |
| |
| fn = os.path.join(sourcedir, "second") |
| if os.access(fn, os.F_OK): |
| cmd.append("--second") |
| cmd.append(fn) |
| |
| fn = os.path.join(sourcedir, "dtb") |
| if os.access(fn, os.F_OK): |
| cmd.append("--dtb") |
| cmd.append(fn) |
| |
| fn = os.path.join(sourcedir, "cmdline") |
| if os.access(fn, os.F_OK): |
| cmd.append("--cmdline") |
| cmd.append(open(fn).read().rstrip("\n")) |
| |
| fn = os.path.join(sourcedir, "base") |
| if os.access(fn, os.F_OK): |
| cmd.append("--base") |
| cmd.append(open(fn).read().rstrip("\n")) |
| |
| fn = os.path.join(sourcedir, "pagesize") |
| if os.access(fn, os.F_OK): |
| cmd.append("--pagesize") |
| cmd.append(open(fn).read().rstrip("\n")) |
| |
| if partition_name == "recovery": |
| args = info_dict.get("recovery_mkbootimg_args") |
| if not args: |
| # Fall back to "mkbootimg_args" for recovery image |
| # in case "recovery_mkbootimg_args" is not set. |
| args = info_dict.get("mkbootimg_args") |
| else: |
| args = info_dict.get("mkbootimg_args") |
| if args and args.strip(): |
| cmd.extend(shlex.split(args)) |
| |
| args = info_dict.get("mkbootimg_version_args") |
| if args and args.strip(): |
| cmd.extend(shlex.split(args)) |
| |
| if has_ramdisk: |
| cmd.extend(["--ramdisk", ramdisk_img.name]) |
| |
| img_unsigned = None |
| if info_dict.get("vboot"): |
| img_unsigned = tempfile.NamedTemporaryFile() |
| cmd.extend(["--output", img_unsigned.name]) |
| else: |
| cmd.extend(["--output", img.name]) |
| |
| if partition_name == "recovery": |
| if info_dict.get("include_recovery_dtbo") == "true": |
| fn = os.path.join(sourcedir, "recovery_dtbo") |
| cmd.extend(["--recovery_dtbo", fn]) |
| if info_dict.get("include_recovery_acpio") == "true": |
| fn = os.path.join(sourcedir, "recovery_acpio") |
| cmd.extend(["--recovery_acpio", fn]) |
| |
| RunAndCheckOutput(cmd) |
| |
| if (info_dict.get("boot_signer") == "true" and |
| info_dict.get("verity_key")): |
| # Hard-code the path as "/boot" for two-step special recovery image (which |
| # will be loaded into /boot during the two-step OTA). |
| if two_step_image: |
| path = "/boot" |
| else: |
| path = "/" + partition_name |
| cmd = [OPTIONS.boot_signer_path] |
| cmd.extend(OPTIONS.boot_signer_args) |
| cmd.extend([path, img.name, |
| info_dict["verity_key"] + ".pk8", |
| info_dict["verity_key"] + ".x509.pem", img.name]) |
| RunAndCheckOutput(cmd) |
| |
| # Sign the image if vboot is non-empty. |
| elif info_dict.get("vboot"): |
| path = "/" + partition_name |
| img_keyblock = tempfile.NamedTemporaryFile() |
| # We have switched from the prebuilt futility binary to using the tool |
| # (futility-host) built from the source. Override the setting in the old |
| # TF.zip. |
| futility = info_dict["futility"] |
| if futility.startswith("prebuilts/"): |
| futility = "futility-host" |
| cmd = [info_dict["vboot_signer_cmd"], futility, |
| img_unsigned.name, info_dict["vboot_key"] + ".vbpubk", |
| info_dict["vboot_key"] + ".vbprivk", |
| info_dict["vboot_subkey"] + ".vbprivk", |
| img_keyblock.name, |
| img.name] |
| RunAndCheckOutput(cmd) |
| |
| # Clean up the temp files. |
| img_unsigned.close() |
| img_keyblock.close() |
| |
| # AVB: if enabled, calculate and add hash to boot.img or recovery.img. |
| if info_dict.get("avb_enable") == "true": |
| avbtool = info_dict["avb_avbtool"] |
| if partition_name == "recovery": |
| part_size = info_dict["recovery_size"] |
| else: |
| part_size = info_dict[image_name.replace(".img","_size")] |
| cmd = [avbtool, "add_hash_footer", "--image", img.name, |
| "--partition_size", str(part_size), "--partition_name", |
| partition_name] |
| AppendAVBSigningArgs(cmd, partition_name) |
| args = info_dict.get("avb_" + partition_name + "_add_hash_footer_args") |
| if args and args.strip(): |
| cmd.extend(shlex.split(args)) |
| RunAndCheckOutput(cmd) |
| |
| img.seek(os.SEEK_SET, 0) |
| data = img.read() |
| |
| if has_ramdisk: |
| ramdisk_img.close() |
| img.close() |
| |
| return data |
| |
| |
| def GetBootableImage(name, prebuilt_name, unpack_dir, tree_subdir, |
| info_dict=None, two_step_image=False): |
| """Return a File object with the desired bootable image. |
| |
| Look for it in 'unpack_dir'/BOOTABLE_IMAGES under the name 'prebuilt_name', |
| otherwise look for it under 'unpack_dir'/IMAGES, otherwise construct it from |
| the source files in 'unpack_dir'/'tree_subdir'.""" |
| |
| prebuilt_path = os.path.join(unpack_dir, "BOOTABLE_IMAGES", prebuilt_name) |
| if os.path.exists(prebuilt_path): |
| logger.info("using prebuilt %s from BOOTABLE_IMAGES...", prebuilt_name) |
| return File.FromLocalFile(name, prebuilt_path) |
| |
| prebuilt_path = os.path.join(unpack_dir, "IMAGES", prebuilt_name) |
| if os.path.exists(prebuilt_path): |
| logger.info("using prebuilt %s from IMAGES...", prebuilt_name) |
| return File.FromLocalFile(name, prebuilt_path) |
| |
| logger.info("building image from target_files %s...", tree_subdir) |
| |
| if info_dict is None: |
| info_dict = OPTIONS.info_dict |
| |
| # With system_root_image == "true", we don't pack ramdisk into the boot image. |
| # Unless "recovery_as_boot" is specified, in which case we carry the ramdisk |
| # for recovery. |
| has_ramdisk = (info_dict.get("system_root_image") != "true" or |
| prebuilt_name != "boot.img" or |
| info_dict.get("recovery_as_boot") == "true") |
| |
| fs_config = "META/" + tree_subdir.lower() + "_filesystem_config.txt" |
| data = _BuildBootableImage(prebuilt_name, os.path.join(unpack_dir, tree_subdir), |
| os.path.join(unpack_dir, fs_config), |
| info_dict, has_ramdisk, two_step_image) |
| if data: |
| return File(name, data) |
| return None |
| |
| |
| def _BuildVendorBootImage(sourcedir, info_dict=None): |
| """Build a vendor boot image from the specified sourcedir. |
| |
| Take a ramdisk, dtb, and vendor_cmdline from the input (in 'sourcedir'), and |
| turn them into a vendor boot image. |
| |
| Return the image data, or None if sourcedir does not appear to contains files |
| for building the requested image. |
| """ |
| |
| if info_dict is None: |
| info_dict = OPTIONS.info_dict |
| |
| img = tempfile.NamedTemporaryFile() |
| |
| use_lz4 = info_dict.get("lz4_ramdisks") == 'true' |
| ramdisk_img = _MakeRamdisk(sourcedir, lz4_ramdisks=use_lz4) |
| |
| # use MKBOOTIMG from environ, or "mkbootimg" if empty or not set |
| mkbootimg = os.getenv('MKBOOTIMG') or "mkbootimg" |
| |
| cmd = [mkbootimg] |
| |
| fn = os.path.join(sourcedir, "dtb") |
| if os.access(fn, os.F_OK): |
| cmd.append("--dtb") |
| cmd.append(fn) |
| |
| fn = os.path.join(sourcedir, "vendor_cmdline") |
| if os.access(fn, os.F_OK): |
| cmd.append("--vendor_cmdline") |
| cmd.append(open(fn).read().rstrip("\n")) |
| |
| fn = os.path.join(sourcedir, "base") |
| if os.access(fn, os.F_OK): |
| cmd.append("--base") |
| cmd.append(open(fn).read().rstrip("\n")) |
| |
| fn = os.path.join(sourcedir, "pagesize") |
| if os.access(fn, os.F_OK): |
| cmd.append("--pagesize") |
| cmd.append(open(fn).read().rstrip("\n")) |
| |
| args = info_dict.get("mkbootimg_args") |
| if args and args.strip(): |
| cmd.extend(shlex.split(args)) |
| |
| args = info_dict.get("mkbootimg_version_args") |
| if args and args.strip(): |
| cmd.extend(shlex.split(args)) |
| |
| cmd.extend(["--vendor_ramdisk", ramdisk_img.name]) |
| cmd.extend(["--vendor_boot", img.name]) |
| |
| RunAndCheckOutput(cmd) |
| |
| # AVB: if enabled, calculate and add hash. |
| if info_dict.get("avb_enable") == "true": |
| avbtool = info_dict["avb_avbtool"] |
| part_size = info_dict["vendor_boot_size"] |
| cmd = [avbtool, "add_hash_footer", "--image", img.name, |
| "--partition_size", str(part_size), "--partition_name", "vendor_boot"] |
| AppendAVBSigningArgs(cmd, "vendor_boot") |
| args = info_dict.get("avb_vendor_boot_add_hash_footer_args") |
| if args and args.strip(): |
| cmd.extend(shlex.split(args)) |
| RunAndCheckOutput(cmd) |
| |
| img.seek(os.SEEK_SET, 0) |
| data = img.read() |
| |
| ramdisk_img.close() |
| img.close() |
| |
| return data |
| |
| |
| def GetVendorBootImage(name, prebuilt_name, unpack_dir, tree_subdir, |
| info_dict=None): |
| """Return a File object with the desired vendor boot image. |
| |
| Look for it under 'unpack_dir'/IMAGES, otherwise construct it from |
| the source files in 'unpack_dir'/'tree_subdir'.""" |
| |
| prebuilt_path = os.path.join(unpack_dir, "IMAGES", prebuilt_name) |
| if os.path.exists(prebuilt_path): |
| logger.info("using prebuilt %s from IMAGES...", prebuilt_name) |
| return File.FromLocalFile(name, prebuilt_path) |
| |
| logger.info("building image from target_files %s...", tree_subdir) |
| |
| if info_dict is None: |
| info_dict = OPTIONS.info_dict |
| |
| data = _BuildVendorBootImage(os.path.join(unpack_dir, tree_subdir), info_dict) |
| if data: |
| return File(name, data) |
| return None |
| |
| |
| def Gunzip(in_filename, out_filename): |
| """Gunzips the given gzip compressed file to a given output file.""" |
| with gzip.open(in_filename, "rb") as in_file, \ |
| open(out_filename, "wb") as out_file: |
| shutil.copyfileobj(in_file, out_file) |
| |
| |
| def UnzipToDir(filename, dirname, patterns=None): |
| """Unzips the archive to the given directory. |
| |
| Args: |
| filename: The name of the zip file to unzip. |
| dirname: Where the unziped files will land. |
| patterns: Files to unzip from the archive. If omitted, will unzip the entire |
| archvie. Non-matching patterns will be filtered out. If there's no match |
| after the filtering, no file will be unzipped. |
| """ |
| cmd = ["unzip", "-o", "-q", filename, "-d", dirname] |
| if patterns is not None: |
| # Filter out non-matching patterns. unzip will complain otherwise. |
| with zipfile.ZipFile(filename) as input_zip: |
| names = input_zip.namelist() |
| filtered = [ |
| pattern for pattern in patterns if fnmatch.filter(names, pattern)] |
| |
| # There isn't any matching files. Don't unzip anything. |
| if not filtered: |
| return |
| cmd.extend(filtered) |
| |
| RunAndCheckOutput(cmd) |
| |
| |
| def UnzipTemp(filename, pattern=None): |
| """Unzips the given archive into a temporary directory and returns the name. |
| |
| Args: |
| filename: If filename is of the form "foo.zip+bar.zip", unzip foo.zip into |
| a temp dir, then unzip bar.zip into that_dir/BOOTABLE_IMAGES. |
| |
| pattern: Files to unzip from the archive. If omitted, will unzip the entire |
| archvie. |
| |
| Returns: |
| The name of the temporary directory. |
| """ |
| |
| tmp = MakeTempDir(prefix="targetfiles-") |
| m = re.match(r"^(.*[.]zip)\+(.*[.]zip)$", filename, re.IGNORECASE) |
| if m: |
| UnzipToDir(m.group(1), tmp, pattern) |
| UnzipToDir(m.group(2), os.path.join(tmp, "BOOTABLE_IMAGES"), pattern) |
| filename = m.group(1) |
| else: |
| UnzipToDir(filename, tmp, pattern) |
| |
| return tmp |
| |
| |
| def GetUserImage(which, tmpdir, input_zip, |
| info_dict=None, |
| allow_shared_blocks=None, |
| hashtree_info_generator=None, |
| reset_file_map=False): |
| """Returns an Image object suitable for passing to BlockImageDiff. |
| |
| This function loads the specified image from the given path. If the specified |
| image is sparse, it also performs additional processing for OTA purpose. For |
| example, it always adds block 0 to clobbered blocks list. It also detects |
| files that cannot be reconstructed from the block list, for whom we should |
| avoid applying imgdiff. |
| |
| Args: |
| which: The partition name. |
| tmpdir: The directory that contains the prebuilt image and block map file. |
| input_zip: The target-files ZIP archive. |
| info_dict: The dict to be looked up for relevant info. |
| allow_shared_blocks: If image is sparse, whether having shared blocks is |
| allowed. If none, it is looked up from info_dict. |
| hashtree_info_generator: If present and image is sparse, generates the |
| hashtree_info for this sparse image. |
| reset_file_map: If true and image is sparse, reset file map before returning |
| the image. |
| Returns: |
| A Image object. If it is a sparse image and reset_file_map is False, the |
| image will have file_map info loaded. |
| """ |
| if info_dict is None: |
| info_dict = LoadInfoDict(input_zip) |
| |
| is_sparse = info_dict.get("extfs_sparse_flag") |
| |
| # When target uses 'BOARD_EXT4_SHARE_DUP_BLOCKS := true', images may contain |
| # shared blocks (i.e. some blocks will show up in multiple files' block |
| # list). We can only allocate such shared blocks to the first "owner", and |
| # disable imgdiff for all later occurrences. |
| if allow_shared_blocks is None: |
| allow_shared_blocks = info_dict.get("ext4_share_dup_blocks") == "true" |
| |
| if is_sparse: |
| img = GetSparseImage(which, tmpdir, input_zip, allow_shared_blocks, |
| hashtree_info_generator) |
| if reset_file_map: |
| img.ResetFileMap() |
| return img |
| else: |
| return GetNonSparseImage(which, tmpdir, hashtree_info_generator) |
| |
| |
| def GetNonSparseImage(which, tmpdir, hashtree_info_generator=None): |
| """Returns a Image object suitable for passing to BlockImageDiff. |
| |
| This function loads the specified non-sparse image from the given path. |
| |
| Args: |
| which: The partition name. |
| tmpdir: The directory that contains the prebuilt image and block map file. |
| Returns: |
| A Image object. |
| """ |
| path = os.path.join(tmpdir, "IMAGES", which + ".img") |
| mappath = os.path.join(tmpdir, "IMAGES", which + ".map") |
| |
| # The image and map files must have been created prior to calling |
| # ota_from_target_files.py (since LMP). |
| assert os.path.exists(path) and os.path.exists(mappath) |
| |
| return images.FileImage(path, hashtree_info_generator=hashtree_info_generator) |
| |
| |
| def GetSparseImage(which, tmpdir, input_zip, allow_shared_blocks, |
| hashtree_info_generator=None): |
| """Returns a SparseImage object suitable for passing to BlockImageDiff. |
| |
| This function loads the specified sparse image from the given path, and |
| performs additional processing for OTA purpose. For example, it always adds |
| block 0 to clobbered blocks list. It also detects files that cannot be |
| reconstructed from the block list, for whom we should avoid applying imgdiff. |
| |
| Args: |
| which: The partition name, e.g. "system", "vendor". |
| tmpdir: The directory that contains the prebuilt image and block map file. |
| input_zip: The target-files ZIP archive. |
| allow_shared_blocks: Whether having shared blocks is allowed. |
| hashtree_info_generator: If present, generates the hashtree_info for this |
| sparse image. |
| Returns: |
| A SparseImage object, with file_map info loaded. |
| """ |
| path = os.path.join(tmpdir, "IMAGES", which + ".img") |
| mappath = os.path.join(tmpdir, "IMAGES", which + ".map") |
| |
| # The image and map files must have been created prior to calling |
| # ota_from_target_files.py (since LMP). |
| assert os.path.exists(path) and os.path.exists(mappath) |
| |
| # In ext4 filesystems, block 0 might be changed even being mounted R/O. We add |
| # it to clobbered_blocks so that it will be written to the target |
| # unconditionally. Note that they are still part of care_map. (Bug: 20939131) |
| clobbered_blocks = "0" |
| |
| image = sparse_img.SparseImage( |
| path, mappath, clobbered_blocks, allow_shared_blocks=allow_shared_blocks, |
| hashtree_info_generator=hashtree_info_generator) |
| |
| # block.map may contain less blocks, because mke2fs may skip allocating blocks |
| # if they contain all zeros. We can't reconstruct such a file from its block |
| # list. Tag such entries accordingly. (Bug: 65213616) |
| for entry in image.file_map: |
| # Skip artificial names, such as "__ZERO", "__NONZERO-1". |
| if not entry.startswith('/'): |
| continue |
| |
| # "/system/framework/am.jar" => "SYSTEM/framework/am.jar". Note that the |
| # filename listed in system.map may contain an additional leading slash |
| # (i.e. "//system/framework/am.jar"). Using lstrip to get consistent |
| # results. |
| arcname = entry.replace(which, which.upper(), 1).lstrip('/') |
| |
| # Special handling another case, where files not under /system |
| # (e.g. "/sbin/charger") are packed under ROOT/ in a target_files.zip. |
| if which == 'system' and not arcname.startswith('SYSTEM'): |
| arcname = 'ROOT/' + arcname |
| |
| assert arcname in input_zip.namelist(), \ |
| "Failed to find the ZIP entry for {}".format(entry) |
| |
| info = input_zip.getinfo(arcname) |
| ranges = image.file_map[entry] |
| |
| # If a RangeSet has been tagged as using shared blocks while loading the |
| # image, check the original block list to determine its completeness. Note |
| # that the 'incomplete' flag would be tagged to the original RangeSet only. |
| if ranges.extra.get('uses_shared_blocks'): |
| ranges = ranges.extra['uses_shared_blocks'] |
| |
| if RoundUpTo4K(info.file_size) > ranges.size() * 4096: |
| ranges.extra['incomplete'] = True |
| |
| return image |
| |
| |
| def GetKeyPasswords(keylist): |
| """Given a list of keys, prompt the user to enter passwords for |
| those which require them. Return a {key: password} dict. password |
| will be None if the key has no password.""" |
| |
| no_passwords = [] |
| need_passwords = [] |
| key_passwords = {} |
| devnull = open("/dev/null", "w+b") |
| for k in sorted(keylist): |
| # We don't need a password for things that aren't really keys. |
| if k in SPECIAL_CERT_STRINGS: |
| no_passwords.append(k) |
| continue |
| |
| p = Run(["openssl", "pkcs8", "-in", k+OPTIONS.private_key_suffix, |
| "-inform", "DER", "-nocrypt"], |
| stdin=devnull.fileno(), |
| stdout=devnull.fileno(), |
| stderr=subprocess.STDOUT) |
| p.communicate() |
| if p.returncode == 0: |
| # Definitely an unencrypted key. |
| no_passwords.append(k) |
| else: |
| p = Run(["openssl", "pkcs8", "-in", k+OPTIONS.private_key_suffix, |
| "-inform", "DER", "-passin", "pass:"], |
| stdin=devnull.fileno(), |
| stdout=devnull.fileno(), |
| stderr=subprocess.PIPE) |
| _, stderr = p.communicate() |
| if p.returncode == 0: |
| # Encrypted key with empty string as password. |
| key_passwords[k] = '' |
| elif stderr.startswith('Error decrypting key'): |
| # Definitely encrypted key. |
| # It would have said "Error reading key" if it didn't parse correctly. |
| need_passwords.append(k) |
| else: |
| # Potentially, a type of key that openssl doesn't understand. |
| # We'll let the routines in signapk.jar handle it. |
| no_passwords.append(k) |
| devnull.close() |
| |
| key_passwords.update(PasswordManager().GetPasswords(need_passwords)) |
| key_passwords.update(dict.fromkeys(no_passwords)) |
| return key_passwords |
| |
| |
| def GetMinSdkVersion(apk_name): |
| """Gets the minSdkVersion declared in the APK. |
| |
| It calls 'aapt2' to query the embedded minSdkVersion from the given APK file. |
| This can be both a decimal number (API Level) or a codename. |
| |
| Args: |
| apk_name: The APK filename. |
| |
| Returns: |
| The parsed SDK version string. |
| |
| Raises: |
| ExternalError: On failing to obtain the min SDK version. |
| """ |
| proc = Run( |
| ["aapt2", "dump", "badging", apk_name], stdout=subprocess.PIPE, |
| stderr=subprocess.PIPE) |
| stdoutdata, stderrdata = proc.communicate() |
| if proc.returncode != 0: |
| raise ExternalError( |
| "Failed to obtain minSdkVersion: aapt2 return code {}:\n{}\n{}".format( |
| proc.returncode, stdoutdata, stderrdata)) |
| |
| for line in stdoutdata.split("\n"): |
| # Looking for lines such as sdkVersion:'23' or sdkVersion:'M'. |
| m = re.match(r'sdkVersion:\'([^\']*)\'', line) |
| if m: |
| return m.group(1) |
| raise ExternalError("No minSdkVersion returned by aapt2") |
| |
| |
| def GetMinSdkVersionInt(apk_name, codename_to_api_level_map): |
| """Returns the minSdkVersion declared in the APK as a number (API Level). |
| |
| If minSdkVersion is set to a codename, it is translated to a number using the |
| provided map. |
| |
| Args: |
| apk_name: The APK filename. |
| |
| Returns: |
| The parsed SDK version number. |
| |
| Raises: |
| ExternalError: On failing to get the min SDK version number. |
| """ |
| version = GetMinSdkVersion(apk_name) |
| try: |
| return int(version) |
| except ValueError: |
| # Not a decimal number. Codename? |
| if version in codename_to_api_level_map: |
| return codename_to_api_level_map[version] |
| else: |
| raise ExternalError( |
| "Unknown minSdkVersion: '{}'. Known codenames: {}".format( |
| version, codename_to_api_level_map)) |
| |
| |
| def SignFile(input_name, output_name, key, password, min_api_level=None, |
| codename_to_api_level_map=None, whole_file=False, |
| extra_signapk_args=None): |
| """Sign the input_name zip/jar/apk, producing output_name. Use the |
| given key and password (the latter may be None if the key does not |
| have a password. |
| |
| If whole_file is true, use the "-w" option to SignApk to embed a |
| signature that covers the whole file in the archive comment of the |
| zip file. |
| |
| min_api_level is the API Level (int) of the oldest platform this file may end |
| up on. If not specified for an APK, the API Level is obtained by interpreting |
| the minSdkVersion attribute of the APK's AndroidManifest.xml. |
| |
| codename_to_api_level_map is needed to translate the codename which may be |
| encountered as the APK's minSdkVersion. |
| |
| Caller may optionally specify extra args to be passed to SignApk, which |
| defaults to OPTIONS.extra_signapk_args if omitted. |
| """ |
| if codename_to_api_level_map is None: |
| codename_to_api_level_map = {} |
| if extra_signapk_args is None: |
| extra_signapk_args = OPTIONS.extra_signapk_args |
| |
| java_library_path = os.path.join( |
| OPTIONS.search_path, OPTIONS.signapk_shared_library_path) |
| |
| cmd = ([OPTIONS.java_path] + OPTIONS.java_args + |
| ["-Djava.library.path=" + java_library_path, |
| "-jar", os.path.join(OPTIONS.search_path, OPTIONS.signapk_path)] + |
| extra_signapk_args) |
| if whole_file: |
| cmd.append("-w") |
| |
| min_sdk_version = min_api_level |
| if min_sdk_version is None: |
| if not whole_file: |
| min_sdk_version = GetMinSdkVersionInt( |
| input_name, codename_to_api_level_map) |
| if min_sdk_version is not None: |
| cmd.extend(["--min-sdk-version", str(min_sdk_version)]) |
| |
| cmd.extend([key + OPTIONS.public_key_suffix, |
| key + OPTIONS.private_key_suffix, |
| input_name, output_name]) |
| |
| proc = Run(cmd, stdin=subprocess.PIPE) |
| if password is not None: |
| password += "\n" |
| stdoutdata, _ = proc.communicate(password) |
| if proc.returncode != 0: |
| raise ExternalError( |
| "Failed to run signapk.jar: return code {}:\n{}".format( |
| proc.returncode, stdoutdata)) |
| |
| |
| def CheckSize(data, target, info_dict): |
| """Checks the data string passed against the max size limit. |
| |
| For non-AVB images, raise exception if the data is too big. Print a warning |
| if the data is nearing the maximum size. |
| |
| For AVB images, the actual image size should be identical to the limit. |
| |
| Args: |
| data: A string that contains all the data for the partition. |
| target: The partition name. The ".img" suffix is optional. |
| info_dict: The dict to be looked up for relevant info. |
| """ |
| if target.endswith(".img"): |
| target = target[:-4] |
| mount_point = "/" + target |
| |
| fs_type = None |
| limit = None |
| if info_dict["fstab"]: |
| if mount_point == "/userdata": |
| mount_point = "/data" |
| p = info_dict["fstab"][mount_point] |
| fs_type = p.fs_type |
| device = p.device |
| if "/" in device: |
| device = device[device.rfind("/")+1:] |
| limit = info_dict.get(device + "_size") |
| if not fs_type or not limit: |
| return |
| |
| size = len(data) |
| # target could be 'userdata' or 'cache'. They should follow the non-AVB image |
| # path. |
| if info_dict.get("avb_enable") == "true" and target in AVB_PARTITIONS: |
| if size != limit: |
| raise ExternalError( |
| "Mismatching image size for %s: expected %d actual %d" % ( |
| target, limit, size)) |
| else: |
| pct = float(size) * 100.0 / limit |
| msg = "%s size (%d) is %.2f%% of limit (%d)" % (target, size, pct, limit) |
| if pct >= 99.0: |
| raise ExternalError(msg) |
| elif pct >= 95.0: |
| logger.warning("\n WARNING: %s\n", msg) |
| else: |
| logger.info(" %s", msg) |
| |
| |
| def ReadApkCerts(tf_zip): |
| """Parses the APK certs info from a given target-files zip. |
| |
| Given a target-files ZipFile, parses the META/apkcerts.txt entry and returns a |
| tuple with the following elements: (1) a dictionary that maps packages to |
| certs (based on the "certificate" and "private_key" attributes in the file; |
| (2) a string representing the extension of compressed APKs in the target files |
| (e.g ".gz", ".bro"). |
| |
| Args: |
| tf_zip: The input target_files ZipFile (already open). |
| |
| Returns: |
| (certmap, ext): certmap is a dictionary that maps packages to certs; ext is |
| the extension string of compressed APKs (e.g. ".gz"), or None if there's |
| no compressed APKs. |
| """ |
| certmap = {} |
| compressed_extension = None |
| |
| # META/apkcerts.txt contains the info for _all_ the packages known at build |
| # time. Filter out the ones that are not installed. |
| installed_files = set() |
| for name in tf_zip.namelist(): |
| basename = os.path.basename(name) |
| if basename: |
| installed_files.add(basename) |
| |
| for line in tf_zip.read('META/apkcerts.txt').decode().split('\n'): |
| line = line.strip() |
| if not line: |
| continue |
| m = re.match( |
| r'^name="(?P<NAME>.*)"\s+certificate="(?P<CERT>.*)"\s+' |
| r'private_key="(?P<PRIVKEY>.*?)"(\s+compressed="(?P<COMPRESSED>.*?)")?' |
| r'(\s+partition="(?P<PARTITION>.*?)")?$', |
| line) |
| if not m: |
| continue |
| |
| matches = m.groupdict() |
| cert = matches["CERT"] |
| privkey = matches["PRIVKEY"] |
| name = matches["NAME"] |
| this_compressed_extension = matches["COMPRESSED"] |
| |
| public_key_suffix_len = len(OPTIONS.public_key_suffix) |
| private_key_suffix_len = len(OPTIONS.private_key_suffix) |
| if cert in SPECIAL_CERT_STRINGS and not privkey: |
| certmap[name] = cert |
| elif (cert.endswith(OPTIONS.public_key_suffix) and |
| privkey.endswith(OPTIONS.private_key_suffix) and |
| cert[:-public_key_suffix_len] == privkey[:-private_key_suffix_len]): |
| certmap[name] = cert[:-public_key_suffix_len] |
| else: |
| raise ValueError("Failed to parse line from apkcerts.txt:\n" + line) |
| |
| if not this_compressed_extension: |
| continue |
| |
| # Only count the installed files. |
| filename = name + '.' + this_compressed_extension |
| if filename not in installed_files: |
| continue |
| |
| # Make sure that all the values in the compression map have the same |
| # extension. We don't support multiple compression methods in the same |
| # system image. |
| if compressed_extension: |
| if this_compressed_extension != compressed_extension: |
| raise ValueError( |
| "Multiple compressed extensions: {} vs {}".format( |
| compressed_extension, this_compressed_extension)) |
| else: |
| compressed_extension = this_compressed_extension |
| |
| return (certmap, |
| ("." + compressed_extension) if compressed_extension else None) |
| |
| |
| COMMON_DOCSTRING = """ |
| Global options |
| |
| -p (--path) <dir> |
| Prepend <dir>/bin to the list of places to search for binaries run by this |
| script, and expect to find jars in <dir>/framework. |
| |
| -s (--device_specific) <file> |
| Path to the Python module containing device-specific releasetools code. |
| |
| -x (--extra) <key=value> |
| Add a key/value pair to the 'extras' dict, which device-specific extension |
| code may look at. |
| |
| -v (--verbose) |
| Show command lines being executed. |
| |
| -h (--help) |
| Display this usage message and exit. |
| |
| --logfile <file> |
| Put verbose logs to specified file (regardless of --verbose option.) |
| """ |
| |
| def Usage(docstring): |
| print(docstring.rstrip("\n")) |
| print(COMMON_DOCSTRING) |
| |
| |
| def ParseOptions(argv, |
| docstring, |
| extra_opts="", extra_long_opts=(), |
| extra_option_handler=None): |
| """Parse the options in argv and return any arguments that aren't |
| flags. docstring is the calling module's docstring, to be displayed |
| for errors and -h. extra_opts and extra_long_opts are for flags |
| defined by the caller, which are processed by passing them to |
| extra_option_handler.""" |
| |
| try: |
| opts, args = getopt.getopt( |
| argv, "hvp:s:x:" + extra_opts, |
| ["help", "verbose", "path=", "signapk_path=", |
| "signapk_shared_library_path=", "extra_signapk_args=", |
| "java_path=", "java_args=", "android_jar_path=", "public_key_suffix=", |
| "private_key_suffix=", "boot_signer_path=", "boot_signer_args=", |
| "verity_signer_path=", "verity_signer_args=", "device_specific=", |
| "extra=", "logfile=", "aftl_server=", "aftl_key_path=", |
| "aftl_manufacturer_key_path=", "aftl_signer_helper="] + |
| list(extra_long_opts)) |
| except getopt.GetoptError as err: |
| Usage(docstring) |
| print("**", str(err), "**") |
| sys.exit(2) |
| |
| for o, a in opts: |
| if o in ("-h", "--help"): |
| Usage(docstring) |
| sys.exit() |
| elif o in ("-v", "--verbose"): |
| OPTIONS.verbose = True |
| elif o in ("-p", "--path"): |
| OPTIONS.search_path = a |
| elif o in ("--signapk_path",): |
| OPTIONS.signapk_path = a |
| elif o in ("--signapk_shared_library_path",): |
| OPTIONS.signapk_shared_library_path = a |
| elif o in ("--extra_signapk_args",): |
| OPTIONS.extra_signapk_args = shlex.split(a) |
| elif o in ("--java_path",): |
| OPTIONS.java_path = a |
| elif o in ("--java_args",): |
| OPTIONS.java_args = shlex.split(a) |
| elif o in ("--android_jar_path",): |
| OPTIONS.android_jar_path = a |
| elif o in ("--public_key_suffix",): |
| OPTIONS.public_key_suffix = a |
| elif o in ("--private_key_suffix",): |
| OPTIONS.private_key_suffix = a |
| elif o in ("--boot_signer_path",): |
| OPTIONS.boot_signer_path = a |
| elif o in ("--boot_signer_args",): |
| OPTIONS.boot_signer_args = shlex.split(a) |
| elif o in ("--verity_signer_path",): |
| OPTIONS.verity_signer_path = a |
| elif o in ("--verity_signer_args",): |
| OPTIONS.verity_signer_args = shlex.split(a) |
| elif o in ("--aftl_server",): |
| OPTIONS.aftl_server = a |
| elif o in ("--aftl_key_path",): |
| OPTIONS.aftl_key_path = a |
| elif o in ("--aftl_manufacturer_key_path",): |
| OPTIONS.aftl_manufacturer_key_path = a |
| elif o in ("--aftl_signer_helper",): |
| OPTIONS.aftl_signer_helper = a |
| elif o in ("-s", "--device_specific"): |
| OPTIONS.device_specific = a |
| elif o in ("-x", "--extra"): |
| key, value = a.split("=", 1) |
| OPTIONS.extras[key] = value |
| elif o in ("--logfile",): |
| OPTIONS.logfile = a |
| else: |
| if extra_option_handler is None or not extra_option_handler(o, a): |
| assert False, "unknown option \"%s\"" % (o,) |
| |
| if OPTIONS.search_path: |
| os.environ["PATH"] = (os.path.join(OPTIONS.search_path, "bin") + |
| os.pathsep + os.environ["PATH"]) |
| |
| return args |
| |
| |
| def MakeTempFile(prefix='tmp', suffix=''): |
| """Make a temp file and add it to the list of things to be deleted |
| when Cleanup() is called. Return the filename.""" |
| fd, fn = tempfile.mkstemp(prefix=prefix, suffix=suffix) |
| os.close(fd) |
| OPTIONS.tempfiles.append(fn) |
| return fn |
| |
| |
| def MakeTempDir(prefix='tmp', suffix=''): |
| """Makes a temporary dir that will be cleaned up with a call to Cleanup(). |
| |
| Returns: |
| The absolute pathname of the new directory. |
| """ |
| dir_name = tempfile.mkdtemp(suffix=suffix, prefix=prefix) |
| OPTIONS.tempfiles.append(dir_name) |
| return dir_name |
| |
| |
| def Cleanup(): |
| for i in OPTIONS.tempfiles: |
| if os.path.isdir(i): |
| shutil.rmtree(i, ignore_errors=True) |
| else: |
| os.remove(i) |
| del OPTIONS.tempfiles[:] |
| |
| |
| class PasswordManager(object): |
| def __init__(self): |
| self.editor = os.getenv("EDITOR") |
| self.pwfile = os.getenv("ANDROID_PW_FILE") |
| |
| def GetPasswords(self, items): |
| """Get passwords corresponding to each string in 'items', |
| returning a dict. (The dict may have keys in addition to the |
| values in 'items'.) |
| |
| Uses the passwords in $ANDROID_PW_FILE if available, letting the |
| user edit that file to add more needed passwords. If no editor is |
| available, or $ANDROID_PW_FILE isn't define, prompts the user |
| interactively in the ordinary way. |
| """ |
| |
| current = self.ReadFile() |
| |
| first = True |
| while True: |
| missing = [] |
| for i in items: |
| if i not in current or not current[i]: |
| missing.append(i) |
| # Are all the passwords already in the file? |
| if not missing: |
| return current |
| |
| for i in missing: |
| current[i] = "" |
| |
| if not first: |
| print("key file %s still missing some passwords." % (self.pwfile,)) |
| if sys.version_info[0] >= 3: |
| raw_input = input # pylint: disable=redefined-builtin |
| answer = raw_input("try to edit again? [y]> ").strip() |
| if answer and answer[0] not in 'yY': |
| raise RuntimeError("key passwords unavailable") |
| first = False |
| |
| current = self.UpdateAndReadFile(current) |
| |
| def PromptResult(self, current): # pylint: disable=no-self-use |
| """Prompt the user to enter a value (password) for each key in |
| 'current' whose value is fales. Returns a new dict with all the |
| values. |
| """ |
| result = {} |
| for k, v in sorted(current.items()): |
| if v: |
| result[k] = v |
| else: |
| while True: |
| result[k] = getpass.getpass( |
| "Enter password for %s key> " % k).strip() |
| if result[k]: |
| break |
| return result |
| |
| def UpdateAndReadFile(self, current): |
| if not self.editor or not self.pwfile: |
| return self.PromptResult(current) |
| |
| f = open(self.pwfile, "w") |
| os.chmod(self.pwfile, 0o600) |
| f.write("# Enter key passwords between the [[[ ]]] brackets.\n") |
| f.write("# (Additional spaces are harmless.)\n\n") |
| |
| first_line = None |
| sorted_list = sorted([(not v, k, v) for (k, v) in current.items()]) |
| for i, (_, k, v) in enumerate(sorted_list): |
| f.write("[[[ %s ]]] %s\n" % (v, k)) |
| if not v and first_line is None: |
| # position cursor on first line with no password. |
| first_line = i + 4 |
| f.close() |
| |
| RunAndCheckOutput([self.editor, "+%d" % (first_line,), self.pwfile]) |
| |
| return self.ReadFile() |
| |
| def ReadFile(self): |
| result = {} |
| if self.pwfile is None: |
| return result |
| try: |
| f = open(self.pwfile, "r") |
| for line in f: |
| line = line.strip() |
| if not line or line[0] == '#': |
| continue |
| m = re.match(r"^\[\[\[\s*(.*?)\s*\]\]\]\s*(\S+)$", line) |
| if not m: |
| logger.warning("Failed to parse password file: %s", line) |
| else: |
| result[m.group(2)] = m.group(1) |
| f.close() |
| except IOError as e: |
| if e.errno != errno.ENOENT: |
| logger.exception("Error reading password file:") |
| return result |
| |
| |
| def ZipWrite(zip_file, filename, arcname=None, perms=0o644, |
| compress_type=None): |
| import datetime |
| |
| # http://b/18015246 |
| # Python 2.7's zipfile implementation wrongly thinks that zip64 is required |
| # for files larger than 2GiB. We can work around this by adjusting their |
| # limit. Note that `zipfile.writestr()` will not work for strings larger than |
| # 2GiB. The Python interpreter sometimes rejects strings that large (though |
| # it isn't clear to me exactly what circumstances cause this). |
| # `zipfile.write()` must be used directly to work around this. |
| # |
| # This mess can be avoided if we port to python3. |
| saved_zip64_limit = zipfile.ZIP64_LIMIT |
| zipfile.ZIP64_LIMIT = (1 << 32) - 1 |
| |
| if compress_type is None: |
| compress_type = zip_file.compression |
| if arcname is None: |
| arcname = filename |
| |
| saved_stat = os.stat(filename) |
| |
| try: |
| # `zipfile.write()` doesn't allow us to pass ZipInfo, so just modify the |
| # file to be zipped and reset it when we're done. |
| os.chmod(filename, perms) |
| |
| # Use a fixed timestamp so the output is repeatable. |
| # Note: Use of fromtimestamp rather than utcfromtimestamp here is |
| # intentional. zip stores datetimes in local time without a time zone |
| # attached, so we need "epoch" but in the local time zone to get 2009/01/01 |
| # in the zip archive. |
| local_epoch = datetime.datetime.fromtimestamp(0) |
| timestamp = (datetime.datetime(2009, 1, 1) - local_epoch).total_seconds() |
| os.utime(filename, (timestamp, timestamp)) |
| |
| zip_file.write(filename, arcname=arcname, compress_type=compress_type) |
| finally: |
| os.chmod(filename, saved_stat.st_mode) |
| os.utime(filename, (saved_stat.st_atime, saved_stat.st_mtime)) |
| zipfile.ZIP64_LIMIT = saved_zip64_limit |
| |
| |
| def ZipWriteStr(zip_file, zinfo_or_arcname, data, perms=None, |
| compress_type=None): |
| """Wrap zipfile.writestr() function to work around the zip64 limit. |
| |
| Even with the ZIP64_LIMIT workaround, it won't allow writing a string |
| longer than 2GiB. It gives 'OverflowError: size does not fit in an int' |
| when calling crc32(bytes). |
| |
| But it still works fine to write a shorter string into a large zip file. |
| We should use ZipWrite() whenever possible, and only use ZipWriteStr() |
| when we know the string won't be too long. |
| """ |
| |
| saved_zip64_limit = zipfile.ZIP64_LIMIT |
| zipfile.ZIP64_LIMIT = (1 << 32) - 1 |
| |
| if not isinstance(zinfo_or_arcname, zipfile.ZipInfo): |
| zinfo = zipfile.ZipInfo(filename=zinfo_or_arcname) |
| zinfo.compress_type = zip_file.compression |
| if perms is None: |
| perms = 0o100644 |
| else: |
| zinfo = zinfo_or_arcname |
| # Python 2 and 3 behave differently when calling ZipFile.writestr() with |
| # zinfo.external_attr being 0. Python 3 uses `0o600 << 16` as the value for |
| # such a case (since |
| # https://github.com/python/cpython/commit/18ee29d0b870caddc0806916ca2c823254f1a1f9), |
| # which seems to make more sense. Otherwise the entry will have 0o000 as the |
| # permission bits. We follow the logic in Python 3 to get consistent |
| # behavior between using the two versions. |
| if not zinfo.external_attr: |
| zinfo.external_attr = 0o600 << 16 |
| |
| # If compress_type is given, it overrides the value in zinfo. |
| if compress_type is not None: |
| zinfo.compress_type = compress_type |
| |
| # If perms is given, it has a priority. |
| if perms is not None: |
| # If perms doesn't set the file type, mark it as a regular file. |
| if perms & 0o770000 == 0: |
| perms |= 0o100000 |
| zinfo.external_attr = perms << 16 |
| |
| # Use a fixed timestamp so the output is repeatable. |
| zinfo.date_time = (2009, 1, 1, 0, 0, 0) |
| |
| zip_file.writestr(zinfo, data) |
| zipfile.ZIP64_LIMIT = saved_zip64_limit |
| |
| |
| def ZipDelete(zip_filename, entries): |
| """Deletes entries from a ZIP file. |
| |
| Since deleting entries from a ZIP file is not supported, it shells out to |
| 'zip -d'. |
| |
| Args: |
| zip_filename: The name of the ZIP file. |
| entries: The name of the entry, or the list of names to be deleted. |
| |
| Raises: |
| AssertionError: In case of non-zero return from 'zip'. |
| """ |
| if isinstance(entries, str): |
| entries = [entries] |
| cmd = ["zip", "-d", zip_filename] + entries |
| RunAndCheckOutput(cmd) |
| |
| |
| def ZipClose(zip_file): |
| # http://b/18015246 |
| # zipfile also refers to ZIP64_LIMIT during close() when it writes out the |
| # central directory. |
| saved_zip64_limit = zipfile.ZIP64_LIMIT |
| zipfile.ZIP64_LIMIT = (1 << 32) - 1 |
| |
| zip_file.close() |
| |
| zipfile.ZIP64_LIMIT = saved_zip64_limit |
| |
| |
| class DeviceSpecificParams(object): |
| module = None |
| def __init__(self, **kwargs): |
| """Keyword arguments to the constructor become attributes of this |
| object, which is passed to all functions in the device-specific |
| module.""" |
| for k, v in kwargs.items(): |
| setattr(self, k, v) |
| self.extras = OPTIONS.extras |
| |
| if self.module is None: |
| path = OPTIONS.device_specific |
| if not path: |
| return |
| try: |
| if os.path.isdir(path): |
| info = imp.find_module("releasetools", [path]) |
| else: |
| d, f = os.path.split(path) |
| b, x = os.path.splitext(f) |
| if x == ".py": |
| f = b |
| info = imp.find_module(f, [d]) |
| logger.info("loaded device-specific extensions from %s", path) |
| self.module = imp.load_module("device_specific", *info) |
| except ImportError: |
| logger.info("unable to load device-specific module; assuming none") |
| |
| def _DoCall(self, function_name, *args, **kwargs): |
| """Call the named function in the device-specific module, passing |
| the given args and kwargs. The first argument to the call will be |
| the DeviceSpecific object itself. If there is no module, or the |
| module does not define the function, return the value of the |
| 'default' kwarg (which itself defaults to None).""" |
| if self.module is None or not hasattr(self.module, function_name): |
| return kwargs.get("default") |
| return getattr(self.module, function_name)(*((self,) + args), **kwargs) |
| |
| def FullOTA_Assertions(self): |
| """Called after emitting the block of assertions at the top of a |
| full OTA package. Implementations can add whatever additional |
| assertions they like.""" |
| return self._DoCall("FullOTA_Assertions") |
| |
| def FullOTA_InstallBegin(self): |
| """Called at the start of full OTA installation.""" |
| return self._DoCall("FullOTA_InstallBegin") |
| |
| def FullOTA_GetBlockDifferences(self): |
| """Called during full OTA installation and verification. |
| Implementation should return a list of BlockDifference objects describing |
| the update on each additional partitions. |
| """ |
| return self._DoCall("FullOTA_GetBlockDifferences") |
| |
| def FullOTA_InstallEnd(self): |
| """Called at the end of full OTA installation; typically this is |
| used to install the image for the device's baseband processor.""" |
| return self._DoCall("FullOTA_InstallEnd") |
| |
| def IncrementalOTA_Assertions(self): |
| """Called after emitting the block of assertions at the top of an |
| incremental OTA package. Implementations can add whatever |
| additional assertions they like.""" |
| return self._DoCall("IncrementalOTA_Assertions") |
| |
| def IncrementalOTA_VerifyBegin(self): |
| """Called at the start of the verification phase of incremental |
| OTA installation; additional checks can be placed here to abort |
| the script before any changes are made.""" |
| return self._DoCall("IncrementalOTA_VerifyBegin") |
| |
| def IncrementalOTA_VerifyEnd(self): |
| """Called at the end of the verification phase of incremental OTA |
| installation; additional checks can be placed here to abort the |
| script before any changes are made.""" |
| return self._DoCall("IncrementalOTA_VerifyEnd") |
| |
| def IncrementalOTA_InstallBegin(self): |
| """Called at the start of incremental OTA installation (after |
| verification is complete).""" |
| return self._DoCall("IncrementalOTA_InstallBegin") |
| |
| def IncrementalOTA_GetBlockDifferences(self): |
| """Called during incremental OTA installation and verification. |
| Implementation should return a list of BlockDifference objects describing |
| the update on each additional partitions. |
| """ |
| return self._DoCall("IncrementalOTA_GetBlockDifferences") |
| |
| def IncrementalOTA_InstallEnd(self): |
| """Called at the end of incremental OTA installation; typically |
| this is used to install the image for the device's baseband |
| processor.""" |
| return self._DoCall("IncrementalOTA_InstallEnd") |
| |
| def VerifyOTA_Assertions(self): |
| return self._DoCall("VerifyOTA_Assertions") |
| |
| |
| class File(object): |
| def __init__(self, name, data, compress_size=None): |
| self.name = name |
| self.data = data |
| self.size = len(data) |
| self.compress_size = compress_size or self.size |
| self.sha1 = sha1(data).hexdigest() |
| |
| @classmethod |
| def FromLocalFile(cls, name, diskname): |
| f = open(diskname, "rb") |
| data = f.read() |
| f.close() |
| return File(name, data) |
| |
| def WriteToTemp(self): |
| t = tempfile.NamedTemporaryFile() |
| t.write(self.data) |
| t.flush() |
| return t |
| |
| def WriteToDir(self, d): |
| with open(os.path.join(d, self.name), "wb") as fp: |
| fp.write(self.data) |
| |
| def AddToZip(self, z, compression=None): |
| ZipWriteStr(z, self.name, self.data, compress_type=compression) |
| |
| |
| DIFF_PROGRAM_BY_EXT = { |
| ".gz" : "imgdiff", |
| ".zip" : ["imgdiff", "-z"], |
| ".jar" : ["imgdiff", "-z"], |
| ".apk" : ["imgdiff", "-z"], |
| ".img" : "imgdiff", |
| } |
| |
| |
| class Difference(object): |
| def __init__(self, tf, sf, diff_program=None): |
| self.tf = tf |
| self.sf = sf |
| self.patch = None |
| self.diff_program = diff_program |
| |
| def ComputePatch(self): |
| """Compute the patch (as a string of data) needed to turn sf into |
| tf. Returns the same tuple as GetPatch().""" |
| |
| tf = self.tf |
| sf = self.sf |
| |
| if self.diff_program: |
| diff_program = self.diff_program |
| else: |
| ext = os.path.splitext(tf.name)[1] |
| diff_program = DIFF_PROGRAM_BY_EXT.get(ext, "bsdiff") |
| |
| ttemp = tf.WriteToTemp() |
| stemp = sf.WriteToTemp() |
| |
| ext = os.path.splitext(tf.name)[1] |
| |
| try: |
| ptemp = tempfile.NamedTemporaryFile() |
| if isinstance(diff_program, list): |
| cmd = copy.copy(diff_program) |
| else: |
| cmd = [diff_program] |
| cmd.append(stemp.name) |
| cmd.append(ttemp.name) |
| cmd.append(ptemp.name) |
| p = Run(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE) |
| err = [] |
| def run(): |
| _, e = p.communicate() |
| if e: |
| err.append(e) |
| th = threading.Thread(target=run) |
| th.start() |
| th.join(timeout=300) # 5 mins |
| if th.is_alive(): |
| logger.warning("diff command timed out") |
| p.terminate() |
| th.join(5) |
| if th.is_alive(): |
| p.kill() |
| th.join() |
| |
| if p.returncode != 0: |
| logger.warning("Failure running %s:\n%s\n", diff_program, "".join(err)) |
| self.patch = None |
| return None, None, None |
| diff = ptemp.read() |
| finally: |
| ptemp.close() |
| stemp.close() |
| ttemp.close() |
| |
| self.patch = diff |
| return self.tf, self.sf, self.patch |
| |
| |
| def GetPatch(self): |
| """Returns a tuple of (target_file, source_file, patch_data). |
| |
| patch_data may be None if ComputePatch hasn't been called, or if |
| computing the patch failed. |
| """ |
| return self.tf, self.sf, self.patch |
| |
| |
| def ComputeDifferences(diffs): |
| """Call ComputePatch on all the Difference objects in 'diffs'.""" |
| logger.info("%d diffs to compute", len(diffs)) |
| |
| # Do the largest files first, to try and reduce the long-pole effect. |
| by_size = [(i.tf.size, i) for i in diffs] |
| by_size.sort(reverse=True) |
| by_size = [i[1] for i in by_size] |
| |
| lock = threading.Lock() |
| diff_iter = iter(by_size) # accessed under lock |
| |
| def worker(): |
| try: |
| lock.acquire() |
| for d in diff_iter: |
| lock.release() |
| start = time.time() |
| d.ComputePatch() |
| dur = time.time() - start |
| lock.acquire() |
| |
| tf, sf, patch = d.GetPatch() |
| if sf.name == tf.name: |
| name = tf.name |
| else: |
| name = "%s (%s)" % (tf.name, sf.name) |
| if patch is None: |
| logger.error("patching failed! %40s", name) |
| else: |
| logger.info( |
| "%8.2f sec %8d / %8d bytes (%6.2f%%) %s", dur, len(patch), |
| tf.size, 100.0 * len(patch) / tf.size, name) |
| lock.release() |
| except Exception: |
| logger.exception("Failed to compute diff from worker") |
| raise |
| |
| # start worker threads; wait for them all to finish. |
| threads = [threading.Thread(target=worker) |
| for i in range(OPTIONS.worker_threads)] |
| for th in threads: |
| th.start() |
| while threads: |
| threads.pop().join() |
| |
| |
| class BlockDifference(object): |
| def __init__(self, partition, tgt, src=None, check_first_block=False, |
| version=None, disable_imgdiff=False): |
| self.tgt = tgt |
| self.src = src |
| self.partition = partition |
| self.check_first_block = check_first_block |
| self.disable_imgdiff = disable_imgdiff |
| |
| if version is None: |
| version = max( |
| int(i) for i in |
| OPTIONS.info_dict.get("blockimgdiff_versions", "1").split(",")) |
| assert version >= 3 |
| self.version = version |
| |
| b = BlockImageDiff(tgt, src, threads=OPTIONS.worker_threads, |
| version=self.version, |
| disable_imgdiff=self.disable_imgdiff) |
| self.path = os.path.join(MakeTempDir(), partition) |
| b.Compute(self.path) |
| self._required_cache = b.max_stashed_size |
| self.touched_src_ranges = b.touched_src_ranges |
| self.touched_src_sha1 = b.touched_src_sha1 |
| |
| # On devices with dynamic partitions, for new partitions, |
| # src is None but OPTIONS.source_info_dict is not. |
| if OPTIONS.source_info_dict is None: |
| is_dynamic_build = OPTIONS.info_dict.get( |
| "use_dynamic_partitions") == "true" |
| is_dynamic_source = False |
| else: |
| is_dynamic_build = OPTIONS.source_info_dict.get( |
| "use_dynamic_partitions") == "true" |
| is_dynamic_source = partition in shlex.split( |
| OPTIONS.source_info_dict.get("dynamic_partition_list", "").strip()) |
| |
| is_dynamic_target = partition in shlex.split( |
| OPTIONS.info_dict.get("dynamic_partition_list", "").strip()) |
| |
| # For dynamic partitions builds, check partition list in both source |
| # and target build because new partitions may be added, and existing |
| # partitions may be removed. |
| is_dynamic = is_dynamic_build and (is_dynamic_source or is_dynamic_target) |
| |
| if is_dynamic: |
| self.device = 'map_partition("%s")' % partition |
| else: |
| if OPTIONS.source_info_dict is None: |
| _, device_expr = GetTypeAndDeviceExpr("/" + partition, |
| OPTIONS.info_dict) |
| else: |
| _, device_expr = GetTypeAndDeviceExpr("/" + partition, |
| OPTIONS.source_info_dict) |
| self.device = device_expr |
| |
| @property |
| def required_cache(self): |
| return self._required_cache |
| |
| def WriteScript(self, script, output_zip, progress=None, |
| write_verify_script=False): |
| if not self.src: |
| # write the output unconditionally |
| script.Print("Patching %s image unconditionally..." % (self.partition,)) |
| else: |
| script.Print("Patching %s image after verification." % (self.partition,)) |
| |
| if progress: |
| script.ShowProgress(progress, 0) |
| self._WriteUpdate(script, output_zip) |
| |
| if write_verify_script: |
| self.WritePostInstallVerifyScript(script) |
| |
| def WriteStrictVerifyScript(self, script): |
| """Verify all the blocks in the care_map, including clobbered blocks. |
| |
| This differs from the WriteVerifyScript() function: a) it prints different |
| error messages; b) it doesn't allow half-way updated images to pass the |
| verification.""" |
| |
| partition = self.partition |
| script.Print("Verifying %s..." % (partition,)) |
| ranges = self.tgt.care_map |
| ranges_str = ranges.to_string_raw() |
| script.AppendExtra( |
| 'range_sha1(%s, "%s") == "%s" && ui_print(" Verified.") || ' |
| 'ui_print("%s has unexpected contents.");' % ( |
| self.device, ranges_str, |
| self.tgt.TotalSha1(include_clobbered_blocks=True), |
| self.partition)) |
| script.AppendExtra("") |
| |
| def WriteVerifyScript(self, script, touched_blocks_only=False): |
| partition = self.partition |
| |
| # full OTA |
| if not self.src: |
| script.Print("Image %s will be patched unconditionally." % (partition,)) |
| |
| # incremental OTA |
| else: |
| if touched_blocks_only: |
| ranges = self.touched_src_ranges |
| expected_sha1 = self.touched_src_sha1 |
| else: |
| ranges = self.src.care_map.subtract(self.src.clobbered_blocks) |
| expected_sha1 = self.src.TotalSha1() |
| |
| # No blocks to be checked, skipping. |
| if not ranges: |
| return |
| |
| ranges_str = ranges.to_string_raw() |
| script.AppendExtra( |
| 'if (range_sha1(%s, "%s") == "%s" || block_image_verify(%s, ' |
| 'package_extract_file("%s.transfer.list"), "%s.new.dat", ' |
| '"%s.patch.dat")) then' % ( |
| self.device, ranges_str, expected_sha1, |
| self.device, partition, partition, partition)) |
| script.Print('Verified %s image...' % (partition,)) |
| script.AppendExtra('else') |
| |
| if self.version >= 4: |
| |
| # Bug: 21124327 |
| # When generating incrementals for the system and vendor partitions in |
| # version 4 or newer, explicitly check the first block (which contains |
| # the superblock) of the partition to see if it's what we expect. If |
| # this check fails, give an explicit log message about the partition |
| # having been remounted R/W (the most likely explanation). |
| if self.check_first_block: |
| script.AppendExtra('check_first_block(%s);' % (self.device,)) |
| |
| # If version >= 4, try block recovery before abort update |
| if partition == "system": |
| code = ErrorCode.SYSTEM_RECOVER_FAILURE |
| else: |
| code = ErrorCode.VENDOR_RECOVER_FAILURE |
| script.AppendExtra(( |
| 'ifelse (block_image_recover({device}, "{ranges}") && ' |
| 'block_image_verify({device}, ' |
| 'package_extract_file("{partition}.transfer.list"), ' |
| '"{partition}.new.dat", "{partition}.patch.dat"), ' |
| 'ui_print("{partition} recovered successfully."), ' |
| 'abort("E{code}: {partition} partition fails to recover"));\n' |
| 'endif;').format(device=self.device, ranges=ranges_str, |
| partition=partition, code=code)) |
| |
| # Abort the OTA update. Note that the incremental OTA cannot be applied |
| # even if it may match the checksum of the target partition. |
| # a) If version < 3, operations like move and erase will make changes |
| # unconditionally and damage the partition. |
| # b) If version >= 3, it won't even reach here. |
| else: |
| if partition == "system": |
| code = ErrorCode.SYSTEM_VERIFICATION_FAILURE |
| else: |
| code = ErrorCode.VENDOR_VERIFICATION_FAILURE |
| script.AppendExtra(( |
| 'abort("E%d: %s partition has unexpected contents");\n' |
| 'endif;') % (code, partition)) |
| |
| def WritePostInstallVerifyScript(self, script): |
| partition = self.partition |
| script.Print('Verifying the updated %s image...' % (partition,)) |
| # Unlike pre-install verification, clobbered_blocks should not be ignored. |
| ranges = self.tgt.care_map |
| ranges_str = ranges.to_string_raw() |
| script.AppendExtra( |
| 'if range_sha1(%s, "%s") == "%s" then' % ( |
| self.device, ranges_str, |
| self.tgt.TotalSha1(include_clobbered_blocks=True))) |
| |
| # Bug: 20881595 |
| # Verify that extended blocks are really zeroed out. |
| if self.tgt.extended: |
| ranges_str = self.tgt.extended.to_string_raw() |
| script.AppendExtra( |
| 'if range_sha1(%s, "%s") == "%s" then' % ( |
| self.device, ranges_str, |
| self._HashZeroBlocks(self.tgt.extended.size()))) |
| script.Print('Verified the updated %s image.' % (partition,)) |
| if partition == "system": |
| code = ErrorCode.SYSTEM_NONZERO_CONTENTS |
| else: |
| code = ErrorCode.VENDOR_NONZERO_CONTENTS |
| script.AppendExtra( |
| 'else\n' |
| ' abort("E%d: %s partition has unexpected non-zero contents after ' |
| 'OTA update");\n' |
| 'endif;' % (code, partition)) |
| else: |
| script.Print('Verified the updated %s image.' % (partition,)) |
| |
| if partition == "system": |
| code = ErrorCode.SYSTEM_UNEXPECTED_CONTENTS |
| else: |
| code = ErrorCode.VENDOR_UNEXPECTED_CONTENTS |
| |
| script.AppendExtra( |
| 'else\n' |
| ' abort("E%d: %s partition has unexpected contents after OTA ' |
| 'update");\n' |
| 'endif;' % (code, partition)) |
| |
| def _WriteUpdate(self, script, output_zip): |
| ZipWrite(output_zip, |
| '{}.transfer.list'.format(self.path), |
| '{}.transfer.list'.format(self.partition)) |
| |
| # For full OTA, compress the new.dat with brotli with quality 6 to reduce |
| # its size. Quailty 9 almost triples the compression time but doesn't |
| # further reduce the size too much. For a typical 1.8G system.new.dat |
| # zip | brotli(quality 6) | brotli(quality 9) |
| # compressed_size: 942M | 869M (~8% reduced) | 854M |
| # compression_time: 75s | 265s | 719s |
| # decompression_time: 15s | 25s | 25s |
| |
| if not self.src: |
| brotli_cmd = ['brotli', '--quality=6', |
| '--output={}.new.dat.br'.format(self.path), |
| '{}.new.dat'.format(self.path)] |
| print("Compressing {}.new.dat with brotli".format(self.partition)) |
| RunAndCheckOutput(brotli_cmd) |
| |
| new_data_name = '{}.new.dat.br'.format(self.partition) |
| ZipWrite(output_zip, |
| '{}.new.dat.br'.format(self.path), |
| new_data_name, |
| compress_type=zipfile.ZIP_STORED) |
| else: |
| new_data_name = '{}.new.dat'.format(self.partition) |
| ZipWrite(output_zip, '{}.new.dat'.format(self.path), new_data_name) |
| |
| ZipWrite(output_zip, |
| '{}.patch.dat'.format(self.path), |
| '{}.patch.dat'.format(self.partition), |
| compress_type=zipfile.ZIP_STORED) |
| |
| if self.partition == "system": |
| code = ErrorCode.SYSTEM_UPDATE_FAILURE |
| else: |
| code = ErrorCode.VENDOR_UPDATE_FAILURE |
| |
| call = ('block_image_update({device}, ' |
| 'package_extract_file("{partition}.transfer.list"), ' |
| '"{new_data_name}", "{partition}.patch.dat") ||\n' |
| ' abort("E{code}: Failed to update {partition} image.");'.format( |
| device=self.device, partition=self.partition, |
| new_data_name=new_data_name, code=code)) |
| script.AppendExtra(script.WordWrap(call)) |
| |
| def _HashBlocks(self, source, ranges): # pylint: disable=no-self-use |
| data = source.ReadRangeSet(ranges) |
| ctx = sha1() |
| |
| for p in data: |
| ctx.update(p) |
| |
| return ctx.hexdigest() |
| |
| def _HashZeroBlocks(self, num_blocks): # pylint: disable=no-self-use |
| """Return the hash value for all zero blocks.""" |
| zero_block = '\x00' * 4096 |
| ctx = sha1() |
| for _ in range(num_blocks): |
| ctx.update(zero_block) |
| |
| return ctx.hexdigest() |
| |
| |
| # Expose these two classes to support vendor-specific scripts |
| DataImage = images.DataImage |
| EmptyImage = images.EmptyImage |
| |
| |
| # map recovery.fstab's fs_types to mount/format "partition types" |
| PARTITION_TYPES = { |
| "ext4": "EMMC", |
| "emmc": "EMMC", |
| "f2fs": "EMMC", |
| "squashfs": "EMMC" |
| } |
| |
| def GetTypeAndDevice(mount_point, info, check_no_slot=True): |
| """ |
| Use GetTypeAndDeviceExpr whenever possible. This function is kept for |
| backwards compatibility. It aborts if the fstab entry has slotselect option |
| (unless check_no_slot is explicitly set to False). |
| """ |
| fstab = info["fstab"] |
| if fstab: |
| if check_no_slot: |
| assert not fstab[mount_point].slotselect, \ |
| "Use GetTypeAndDeviceExpr instead" |
| return (PARTITION_TYPES[fstab[mount_point].fs_type], |
| fstab[mount_point].device) |
| else: |
| raise KeyError |
| |
| |
| def GetTypeAndDeviceExpr(mount_point, info): |
| """ |
| Return the filesystem of the partition, and an edify expression that evaluates |
| to the device at runtime. |
| """ |
| fstab = info["fstab"] |
| if fstab: |
| p = fstab[mount_point] |
| device_expr = '"%s"' % fstab[mount_point].device |
| if p.slotselect: |
| device_expr = 'add_slot_suffix(%s)' % device_expr |
| return (PARTITION_TYPES[fstab[mount_point].fs_type], device_expr) |
| else: |
| raise KeyError |
| |
| |
| def GetEntryForDevice(fstab, device): |
| """ |
| Returns: |
| The first entry in fstab whose device is the given value. |
| """ |
| if not fstab: |
| return None |
| for mount_point in fstab: |
| if fstab[mount_point].device == device: |
| return fstab[mount_point] |
| return None |
| |
| def ParseCertificate(data): |
| """Parses and converts a PEM-encoded certificate into DER-encoded. |
| |
| This gives the same result as `openssl x509 -in <filename> -outform DER`. |
| |
| Returns: |
| The decoded certificate bytes. |
| """ |
| cert_buffer = [] |
| save = False |
| for line in data.split("\n"): |
| if "--END CERTIFICATE--" in line: |
| break |
| if save: |
| cert_buffer.append(line) |
| if "--BEGIN CERTIFICATE--" in line: |
| save = True |
| cert = base64.b64decode("".join(cert_buffer)) |
| return cert |
| |
| |
| def ExtractPublicKey(cert): |
| """Extracts the public key (PEM-encoded) from the given certificate file. |
| |
| Args: |
| cert: The certificate filename. |
| |
| Returns: |
| The public key string. |
| |
| Raises: |
| AssertionError: On non-zero return from 'openssl'. |
| """ |
| # The behavior with '-out' is different between openssl 1.1 and openssl 1.0. |
| # While openssl 1.1 writes the key into the given filename followed by '-out', |
| # openssl 1.0 (both of 1.0.1 and 1.0.2) doesn't. So we collect the output from |
| # stdout instead. |
| cmd = ['openssl', 'x509', '-pubkey', '-noout', '-in', cert] |
| proc = Run(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE) |
| pubkey, stderrdata = proc.communicate() |
| assert proc.returncode == 0, \ |
| 'Failed to dump public key from certificate: %s\n%s' % (cert, stderrdata) |
| return pubkey |
| |
| |
| def ExtractAvbPublicKey(avbtool, key): |
| """Extracts the AVB public key from the given public or private key. |
| |
| Args: |
| avbtool: The AVB tool to use. |
| key: The input key file, which should be PEM-encoded public or private key. |
| |
| Returns: |
| The path to the extracted AVB public key file. |
| """ |
| output = MakeTempFile(prefix='avb-', suffix='.avbpubkey') |
| RunAndCheckOutput( |
| |