diff options
| author | Xin Li <delphij@google.com> | 2020-06-06 03:41:22 +0200 |
|---|---|---|
| committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2020-06-06 03:41:22 +0200 |
| commit | 3e72aaf11c00060241f2a59bbd4523600bf29a86 (patch) | |
| tree | 440384897fa5143e97d5b266b9b7172450ddf5ae /install | |
| parent | Merge "Use ro.build.fingerprint instead of ro.bootimage.*" (diff) | |
| parent | Merge QQ3A.200605.002 into master (diff) | |
| download | android_bootable_recovery-3e72aaf11c00060241f2a59bbd4523600bf29a86.tar android_bootable_recovery-3e72aaf11c00060241f2a59bbd4523600bf29a86.tar.gz android_bootable_recovery-3e72aaf11c00060241f2a59bbd4523600bf29a86.tar.bz2 android_bootable_recovery-3e72aaf11c00060241f2a59bbd4523600bf29a86.tar.lz android_bootable_recovery-3e72aaf11c00060241f2a59bbd4523600bf29a86.tar.xz android_bootable_recovery-3e72aaf11c00060241f2a59bbd4523600bf29a86.tar.zst android_bootable_recovery-3e72aaf11c00060241f2a59bbd4523600bf29a86.zip | |
Diffstat (limited to 'install')
| -rw-r--r-- | install/include/install/install.h | 4 | ||||
| -rw-r--r-- | install/install.cpp | 47 |
2 files changed, 51 insertions, 0 deletions
diff --git a/install/include/install/install.h b/install/include/install/install.h index 87d43ab09..bef23e9ca 100644 --- a/install/include/install/install.h +++ b/install/include/install/install.h @@ -63,3 +63,7 @@ bool ReadMetadataFromPackage(ZipArchiveHandle zip, std::map<std::string, std::st // pre-device and serial number (if presents). A/B OTA specific checks: pre-build version, // fingerprint, timestamp. bool CheckPackageMetadata(const std::map<std::string, std::string>& metadata, OtaType ota_type); + +// Ensures the path to the update package is mounted. Also set the |should_use_fuse| to true if the +// package stays on a removable media. +bool SetupPackageMount(const std::string& package_path, bool* should_use_fuse); diff --git a/install/install.cpp b/install/install.cpp index 56c1e68de..d404997dc 100644 --- a/install/install.cpp +++ b/install/install.cpp @@ -30,6 +30,7 @@ #include <atomic> #include <chrono> #include <condition_variable> +#include <filesystem> #include <functional> #include <limits> #include <mutex> @@ -652,3 +653,49 @@ bool verify_package(Package* package, RecoveryUI* ui) { } return true; } + +bool SetupPackageMount(const std::string& package_path, bool* should_use_fuse) { + CHECK(should_use_fuse != nullptr); + + if (package_path.empty()) { + return false; + } + + *should_use_fuse = true; + if (package_path[0] == '@') { + auto block_map_path = package_path.substr(1); + if (ensure_path_mounted(block_map_path) != 0) { + LOG(ERROR) << "Failed to mount " << block_map_path; + return false; + } + // uncrypt only produces block map only if the package stays on /data. + *should_use_fuse = false; + return true; + } + + // Package is not a block map file. + if (ensure_path_mounted(package_path) != 0) { + LOG(ERROR) << "Failed to mount " << package_path; + return false; + } + + // Reject the package if the input path doesn't equal the canonicalized path. + // e.g. /cache/../sdcard/update_package. + std::error_code ec; + auto canonical_path = std::filesystem::canonical(package_path, ec); + if (ec) { + LOG(ERROR) << "Failed to get canonical of " << package_path << ", " << ec.message(); + return false; + } + if (canonical_path.string() != package_path) { + LOG(ERROR) << "Installation aborts. The canonical path " << canonical_path.string() + << " doesn't equal the original path " << package_path; + return false; + } + + constexpr const char* CACHE_ROOT = "/cache"; + if (android::base::StartsWith(package_path, CACHE_ROOT)) { + *should_use_fuse = false; + } + return true; +} |