From d4d4c2456ac6649f65fd561998b2cb8eb2c97edd Mon Sep 17 00:00:00 2001 From: Elliott Hughes Date: Mon, 29 Dec 2014 12:46:43 -0800 Subject: Fix missing #includes in bootable/recovery. Change-Id: I58dfbac6ca1aa80d3659f53a8fad1bbbbdc9b941 --- uncrypt/uncrypt.c | 1 + 1 file changed, 1 insertion(+) (limited to 'uncrypt') diff --git a/uncrypt/uncrypt.c b/uncrypt/uncrypt.c index 189fa57e1..e619237be 100644 --- a/uncrypt/uncrypt.c +++ b/uncrypt/uncrypt.c @@ -39,6 +39,7 @@ // Recovery can take this block map file and retrieve the underlying // file data to use as an update package. +#include #include #include #include -- cgit v1.2.3 From cd3c55ab40efd12f5a2d396dbb57509e4d071641 Mon Sep 17 00:00:00 2001 From: Elliott Hughes Date: Thu, 29 Jan 2015 20:50:08 -0800 Subject: Add missing includes. Change-Id: I06ea08400efa511e627be37a4fd70fbdfadea2e6 --- uncrypt/uncrypt.c | 1 + 1 file changed, 1 insertion(+) (limited to 'uncrypt') diff --git a/uncrypt/uncrypt.c b/uncrypt/uncrypt.c index e619237be..b90bd6b87 100644 --- a/uncrypt/uncrypt.c +++ b/uncrypt/uncrypt.c @@ -42,6 +42,7 @@ #include #include #include +#include #include #include #include -- cgit v1.2.3 From 2f5feedf1d705b53e5bf90c8b5207dd91f4522f1 Mon Sep 17 00:00:00 2001 From: Elliott Hughes Date: Tue, 28 Apr 2015 17:24:24 -0700 Subject: Check all lseek calls succeed. Also add missing TEMP_FAILURE_RETRYs on read, write, and lseek. Bug: http://b/20625546 Change-Id: I03b198e11c1921b35518ee2dd005a7cfcf4fd94b (cherry picked from commit 7bad7c4646ee8fd8d6e6ed0ffd3ddbb0c1b41a2f) --- uncrypt/uncrypt.c | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) (limited to 'uncrypt') diff --git a/uncrypt/uncrypt.c b/uncrypt/uncrypt.c index aa75210b0..da035dfba 100644 --- a/uncrypt/uncrypt.c +++ b/uncrypt/uncrypt.c @@ -65,12 +65,15 @@ static struct fstab* fstab = NULL; static int write_at_offset(unsigned char* buffer, size_t size, int wfd, off64_t offset) { - lseek64(wfd, offset, SEEK_SET); + if (TEMP_FAILURE_RETRY(lseek64(wfd, offset, SEEK_SET)) == -1) { + ALOGE("error seeking to offset %lld: %s\n", offset, strerror(errno)); + return -1; + } size_t written = 0; while (written < size) { - ssize_t wrote = write(wfd, buffer + written, size - written); - if (wrote < 0) { - ALOGE("error writing offset %lld: %s\n", offset, strerror(errno)); + ssize_t wrote = TEMP_FAILURE_RETRY(write(wfd, buffer + written, size - written)); + if (wrote == -1) { + ALOGE("error writing offset %lld: %s\n", (offset + written), strerror(errno)); return -1; } written += wrote; @@ -275,8 +278,9 @@ int produce_block_map(const char* path, const char* map_file, const char* blk_de if (encrypted) { size_t so_far = 0; while (so_far < sb.st_blksize && pos < sb.st_size) { - ssize_t this_read = read(fd, buffers[tail] + so_far, sb.st_blksize - so_far); - if (this_read < 0) { + ssize_t this_read = + TEMP_FAILURE_RETRY(read(fd, buffers[tail] + so_far, sb.st_blksize - so_far)); + if (this_read == -1) { ALOGE("failed to read: %s\n", strerror(errno)); return -1; } @@ -340,8 +344,8 @@ void wipe_misc() { size_t written = 0; size_t size = sizeof(zeroes); while (written < size) { - ssize_t w = write(fd, zeroes, size-written); - if (w < 0 && errno != EINTR) { + ssize_t w = TEMP_FAILURE_RETRY(write(fd, zeroes, size-written)); + if (w == -1) { ALOGE("zero write failed: %s\n", strerror(errno)); return; } else { -- cgit v1.2.3 From 8853cb2f296adfdc57871e9482a8e97b0011b323 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Mon, 4 May 2015 10:10:13 -0700 Subject: uncrypt: package on non-data partition should follow the right path Fix the accidental change of behavior in [1]. OTA packages not on /data partition should still go through the path that has validity checks and wipe_misc() steps. [1]: commit eaf33654c1817bd665831a13c5bd0c04daabee02. Change-Id: I3e86e19f06603bfe6ecc691c9aa66a8a8a79c5fb (cherry picked from commit fb4ccef1df4f0bd8fa830c750f2970dd2df9e51b) --- uncrypt/uncrypt.c | 61 +++++++++++++++++++++++++++++++++++++------------------ 1 file changed, 41 insertions(+), 20 deletions(-) (limited to 'uncrypt') diff --git a/uncrypt/uncrypt.c b/uncrypt/uncrypt.c index da035dfba..42ae649cc 100644 --- a/uncrypt/uncrypt.c +++ b/uncrypt/uncrypt.c @@ -159,12 +159,13 @@ const char* find_block_device(const char* path, int* encryptable, int* encrypted return NULL; } -char* parse_recovery_command_file() +// Parse the command file RECOVERY_COMMAND_FILE to find the update package +// name. If it's on the /data partition, replace the package name with the +// block map file name and store it temporarily in RECOVERY_COMMAND_FILE_TMP. +// It will be renamed to RECOVERY_COMMAND_FILE if uncrypt finishes +// successfully. +static char* find_update_package() { - char* fn = NULL; - int count = 0; - char temp[1024]; - FILE* f = fopen(RECOVERY_COMMAND_FILE, "r"); if (f == NULL) { return NULL; @@ -175,17 +176,27 @@ char* parse_recovery_command_file() return NULL; } FILE* fo = fdopen(fd, "w"); - - while (fgets(temp, sizeof(temp), f)) { - printf("read: %s", temp); - if (strncmp(temp, "--update_package=/data/", strlen("--update_package=/data/")) == 0) { - fn = strdup(temp + strlen("--update_package=")); - strcpy(temp, "--update_package=@" CACHE_BLOCK_MAP "\n"); + char* fn = NULL; + char* line = NULL; + size_t len = 0; + while (getline(&line, &len, f) != -1) { + if (strncmp(line, "--update_package=", strlen("--update_package=")) == 0) { + fn = strdup(line + strlen("--update_package=")); + // Replace the package name with block map file if it's on /data partition. + if (strncmp(fn, "/data/", strlen("/data/")) == 0) { + fputs("--update_package=@" CACHE_BLOCK_MAP "\n", fo); + continue; + } } - fputs(temp, fo); + fputs(line, fo); } + free(line); fclose(f); - fsync(fd); + if (fsync(fd) == -1) { + ALOGE("failed to fsync \"%s\": %s\n", RECOVERY_COMMAND_FILE_TMP, strerror(errno)); + fclose(fo); + return NULL; + } fclose(fo); if (fn) { @@ -244,7 +255,6 @@ int produce_block_map(const char* path, const char* map_file, const char* blk_de ALOGE("failed to open fd for reading: %s\n", strerror(errno)); return -1; } - fsync(fd); int wfd = -1; if (encrypted) { @@ -319,11 +329,17 @@ int produce_block_map(const char* path, const char* map_file, const char* blk_de fprintf(mapf, "%d %d\n", ranges[i*2], ranges[i*2+1]); } - fsync(mapfd); + if (fsync(mapfd) == -1) { + ALOGE("failed to fsync \"%s\": %s\n", map_file, strerror(errno)); + return -1; + } fclose(mapf); close(fd); if (encrypted) { - fsync(wfd); + if (fsync(wfd) == -1) { + ALOGE("failed to fsync \"%s\": %s\n", blk_dev, strerror(errno)); + return -1; + } close(wfd); } @@ -352,7 +368,11 @@ void wipe_misc() { written += w; } } - fsync(fd); + if (fsync(fd) == -1) { + ALOGE("failed to fsync \"%s\": %s\n", v->blk_device, strerror(errno)); + close(fd); + return; + } close(fd); } } @@ -383,7 +403,7 @@ int main(int argc, char** argv) map_file = argv[2]; do_reboot = 0; } else { - input_path = parse_recovery_command_file(); + input_path = find_update_package(); if (input_path == NULL) { // if we're rebooting to recovery without a package (say, // to wipe data), then we don't need to do anything before @@ -432,15 +452,16 @@ int main(int argc, char** argv) if (strncmp(path, "/data/", 6) != 0) { // path does not start with "/data/"; leave it alone. unlink(RECOVERY_COMMAND_FILE_TMP); + wipe_misc(); } else { ALOGI("writing block map %s", map_file); if (produce_block_map(path, map_file, blk_dev, encrypted) != 0) { return 1; } + wipe_misc(); + rename(RECOVERY_COMMAND_FILE_TMP, RECOVERY_COMMAND_FILE); } - wipe_misc(); - rename(RECOVERY_COMMAND_FILE_TMP, RECOVERY_COMMAND_FILE); if (do_reboot) reboot_to_recovery(); return 0; } -- cgit v1.2.3 From 3e8d28b547cd75af3f77f38a7e2895d0dbd2e232 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Tue, 5 May 2015 18:36:45 -0700 Subject: uncrypt: Switch to C++ Also apply some trivial changes like int -> bool and clean-ups. Change-Id: I5c6c42d34965305c394f4f2de78487bd1174992a (cherry picked from commit 381f455cac0905b023dde79625b06c27b6165dd0) --- uncrypt/Android.mk | 2 +- uncrypt/uncrypt.c | 467 ---------------------------------------------------- uncrypt/uncrypt.cpp | 465 +++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 466 insertions(+), 468 deletions(-) delete mode 100644 uncrypt/uncrypt.c create mode 100644 uncrypt/uncrypt.cpp (limited to 'uncrypt') diff --git a/uncrypt/Android.mk b/uncrypt/Android.mk index 878d2757e..d832d9724 100644 --- a/uncrypt/Android.mk +++ b/uncrypt/Android.mk @@ -16,7 +16,7 @@ LOCAL_PATH := $(call my-dir) include $(CLEAR_VARS) -LOCAL_SRC_FILES := uncrypt.c +LOCAL_SRC_FILES := uncrypt.cpp LOCAL_MODULE := uncrypt diff --git a/uncrypt/uncrypt.c b/uncrypt/uncrypt.c deleted file mode 100644 index 42ae649cc..000000000 --- a/uncrypt/uncrypt.c +++ /dev/null @@ -1,467 +0,0 @@ -/* - * Copyright (C) 2014 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -// This program takes a file on an ext4 filesystem and produces a list -// of the blocks that file occupies, which enables the file contents -// to be read directly from the block device without mounting the -// filesystem. -// -// If the filesystem is using an encrypted block device, it will also -// read the file and rewrite it to the same blocks of the underlying -// (unencrypted) block device, so the file contents can be read -// without the need for the decryption key. -// -// The output of this program is a "block map" which looks like this: -// -// /dev/block/platform/msm_sdcc.1/by-name/userdata # block device -// 49652 4096 # file size in bytes, block size -// 3 # count of block ranges -// 1000 1008 # block range 0 -// 2100 2102 # ... block range 1 -// 30 33 # ... block range 2 -// -// Each block range represents a half-open interval; the line "30 33" -// reprents the blocks [30, 31, 32]. -// -// Recovery can take this block map file and retrieve the underlying -// file data to use as an update package. - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#define LOG_TAG "uncrypt" -#include -#include -#include - -#define WINDOW_SIZE 5 -#define RECOVERY_COMMAND_FILE "/cache/recovery/command" -#define RECOVERY_COMMAND_FILE_TMP "/cache/recovery/command.tmp" -#define CACHE_BLOCK_MAP "/cache/recovery/block.map" - -static struct fstab* fstab = NULL; - -static int write_at_offset(unsigned char* buffer, size_t size, - int wfd, off64_t offset) -{ - if (TEMP_FAILURE_RETRY(lseek64(wfd, offset, SEEK_SET)) == -1) { - ALOGE("error seeking to offset %lld: %s\n", offset, strerror(errno)); - return -1; - } - size_t written = 0; - while (written < size) { - ssize_t wrote = TEMP_FAILURE_RETRY(write(wfd, buffer + written, size - written)); - if (wrote == -1) { - ALOGE("error writing offset %lld: %s\n", (offset + written), strerror(errno)); - return -1; - } - written += wrote; - } - return 0; -} - -void add_block_to_ranges(int** ranges, int* range_alloc, int* range_used, int new_block) -{ - // If the current block start is < 0, set the start to the new - // block. (This only happens for the very first block of the very - // first range.) - if ((*ranges)[*range_used*2-2] < 0) { - (*ranges)[*range_used*2-2] = new_block; - (*ranges)[*range_used*2-1] = new_block; - } - - if (new_block == (*ranges)[*range_used*2-1]) { - // If the new block comes immediately after the current range, - // all we have to do is extend the current range. - ++(*ranges)[*range_used*2-1]; - } else { - // We need to start a new range. - - // If there isn't enough room in the array, we need to expand it. - if (*range_used >= *range_alloc) { - *range_alloc *= 2; - *ranges = realloc(*ranges, *range_alloc * 2 * sizeof(int)); - } - - ++*range_used; - (*ranges)[*range_used*2-2] = new_block; - (*ranges)[*range_used*2-1] = new_block+1; - } -} - -static struct fstab* read_fstab() -{ - fstab = NULL; - - // The fstab path is always "/fstab.${ro.hardware}". - char fstab_path[PATH_MAX+1] = "/fstab."; - if (!property_get("ro.hardware", fstab_path+strlen(fstab_path), "")) { - ALOGE("failed to get ro.hardware\n"); - return NULL; - } - - fstab = fs_mgr_read_fstab(fstab_path); - if (!fstab) { - ALOGE("failed to read %s\n", fstab_path); - return NULL; - } - - return fstab; -} - -const char* find_block_device(const char* path, int* encryptable, int* encrypted) -{ - // Look for a volume whose mount point is the prefix of path and - // return its block device. Set encrypted if it's currently - // encrypted. - int i; - for (i = 0; i < fstab->num_entries; ++i) { - struct fstab_rec* v = &fstab->recs[i]; - if (!v->mount_point) continue; - int len = strlen(v->mount_point); - if (strncmp(path, v->mount_point, len) == 0 && - (path[len] == '/' || path[len] == 0)) { - *encrypted = 0; - *encryptable = 0; - if (fs_mgr_is_encryptable(v)) { - *encryptable = 1; - char buffer[PROPERTY_VALUE_MAX+1]; - if (property_get("ro.crypto.state", buffer, "") && - strcmp(buffer, "encrypted") == 0) { - *encrypted = 1; - } - } - return v->blk_device; - } - } - - return NULL; -} - -// Parse the command file RECOVERY_COMMAND_FILE to find the update package -// name. If it's on the /data partition, replace the package name with the -// block map file name and store it temporarily in RECOVERY_COMMAND_FILE_TMP. -// It will be renamed to RECOVERY_COMMAND_FILE if uncrypt finishes -// successfully. -static char* find_update_package() -{ - FILE* f = fopen(RECOVERY_COMMAND_FILE, "r"); - if (f == NULL) { - return NULL; - } - int fd = open(RECOVERY_COMMAND_FILE_TMP, O_WRONLY | O_CREAT | O_SYNC, S_IRUSR | S_IWUSR); - if (fd < 0) { - ALOGE("failed to open %s\n", RECOVERY_COMMAND_FILE_TMP); - return NULL; - } - FILE* fo = fdopen(fd, "w"); - char* fn = NULL; - char* line = NULL; - size_t len = 0; - while (getline(&line, &len, f) != -1) { - if (strncmp(line, "--update_package=", strlen("--update_package=")) == 0) { - fn = strdup(line + strlen("--update_package=")); - // Replace the package name with block map file if it's on /data partition. - if (strncmp(fn, "/data/", strlen("/data/")) == 0) { - fputs("--update_package=@" CACHE_BLOCK_MAP "\n", fo); - continue; - } - } - fputs(line, fo); - } - free(line); - fclose(f); - if (fsync(fd) == -1) { - ALOGE("failed to fsync \"%s\": %s\n", RECOVERY_COMMAND_FILE_TMP, strerror(errno)); - fclose(fo); - return NULL; - } - fclose(fo); - - if (fn) { - char* newline = strchr(fn, '\n'); - if (newline) *newline = 0; - } - return fn; -} - -int produce_block_map(const char* path, const char* map_file, const char* blk_dev, - int encrypted) -{ - struct stat sb; - int ret; - - int mapfd = open(map_file, O_WRONLY | O_CREAT | O_SYNC, S_IRUSR | S_IWUSR); - if (mapfd < 0) { - ALOGE("failed to open %s\n", map_file); - return -1; - } - FILE* mapf = fdopen(mapfd, "w"); - - ret = stat(path, &sb); - if (ret != 0) { - ALOGE("failed to stat %s\n", path); - return -1; - } - - ALOGI(" block size: %ld bytes\n", (long)sb.st_blksize); - - int blocks = ((sb.st_size-1) / sb.st_blksize) + 1; - ALOGI(" file size: %lld bytes, %d blocks\n", (long long)sb.st_size, blocks); - - int* ranges; - int range_alloc = 1; - int range_used = 1; - ranges = malloc(range_alloc * 2 * sizeof(int)); - ranges[0] = -1; - ranges[1] = -1; - - fprintf(mapf, "%s\n%lld %lu\n", blk_dev, (long long)sb.st_size, (unsigned long)sb.st_blksize); - - unsigned char* buffers[WINDOW_SIZE]; - int i; - if (encrypted) { - for (i = 0; i < WINDOW_SIZE; ++i) { - buffers[i] = malloc(sb.st_blksize); - } - } - int head_block = 0; - int head = 0, tail = 0; - size_t pos = 0; - - int fd = open(path, O_RDONLY); - if (fd < 0) { - ALOGE("failed to open fd for reading: %s\n", strerror(errno)); - return -1; - } - - int wfd = -1; - if (encrypted) { - wfd = open(blk_dev, O_WRONLY | O_SYNC); - if (wfd < 0) { - ALOGE("failed to open fd for writing: %s\n", strerror(errno)); - return -1; - } - } - - while (pos < sb.st_size) { - if ((tail+1) % WINDOW_SIZE == head) { - // write out head buffer - int block = head_block; - ret = ioctl(fd, FIBMAP, &block); - if (ret != 0) { - ALOGE("failed to find block %d\n", head_block); - return -1; - } - add_block_to_ranges(&ranges, &range_alloc, &range_used, block); - if (encrypted) { - if (write_at_offset(buffers[head], sb.st_blksize, wfd, (off64_t)sb.st_blksize * block) != 0) { - return -1; - } - } - head = (head + 1) % WINDOW_SIZE; - ++head_block; - } - - // read next block to tail - if (encrypted) { - size_t so_far = 0; - while (so_far < sb.st_blksize && pos < sb.st_size) { - ssize_t this_read = - TEMP_FAILURE_RETRY(read(fd, buffers[tail] + so_far, sb.st_blksize - so_far)); - if (this_read == -1) { - ALOGE("failed to read: %s\n", strerror(errno)); - return -1; - } - so_far += this_read; - pos += this_read; - } - } else { - // If we're not encrypting; we don't need to actually read - // anything, just skip pos forward as if we'd read a - // block. - pos += sb.st_blksize; - } - tail = (tail+1) % WINDOW_SIZE; - } - - while (head != tail) { - // write out head buffer - int block = head_block; - ret = ioctl(fd, FIBMAP, &block); - if (ret != 0) { - ALOGE("failed to find block %d\n", head_block); - return -1; - } - add_block_to_ranges(&ranges, &range_alloc, &range_used, block); - if (encrypted) { - if (write_at_offset(buffers[head], sb.st_blksize, wfd, (off64_t)sb.st_blksize * block) != 0) { - return -1; - } - } - head = (head + 1) % WINDOW_SIZE; - ++head_block; - } - - fprintf(mapf, "%d\n", range_used); - for (i = 0; i < range_used; ++i) { - fprintf(mapf, "%d %d\n", ranges[i*2], ranges[i*2+1]); - } - - if (fsync(mapfd) == -1) { - ALOGE("failed to fsync \"%s\": %s\n", map_file, strerror(errno)); - return -1; - } - fclose(mapf); - close(fd); - if (encrypted) { - if (fsync(wfd) == -1) { - ALOGE("failed to fsync \"%s\": %s\n", blk_dev, strerror(errno)); - return -1; - } - close(wfd); - } - - return 0; -} - -void wipe_misc() { - ALOGI("removing old commands from misc"); - int i; - for (i = 0; i < fstab->num_entries; ++i) { - struct fstab_rec* v = &fstab->recs[i]; - if (!v->mount_point) continue; - if (strcmp(v->mount_point, "/misc") == 0) { - int fd = open(v->blk_device, O_WRONLY | O_SYNC); - uint8_t zeroes[1088]; // sizeof(bootloader_message) from recovery - memset(zeroes, 0, sizeof(zeroes)); - - size_t written = 0; - size_t size = sizeof(zeroes); - while (written < size) { - ssize_t w = TEMP_FAILURE_RETRY(write(fd, zeroes, size-written)); - if (w == -1) { - ALOGE("zero write failed: %s\n", strerror(errno)); - return; - } else { - written += w; - } - } - if (fsync(fd) == -1) { - ALOGE("failed to fsync \"%s\": %s\n", v->blk_device, strerror(errno)); - close(fd); - return; - } - close(fd); - } - } -} - -void reboot_to_recovery() { - ALOGI("rebooting to recovery"); - property_set("sys.powerctl", "reboot,recovery"); - sleep(10); - ALOGE("reboot didn't succeed?"); -} - -int main(int argc, char** argv) -{ - const char* input_path; - const char* map_file; - int do_reboot = 1; - - if (argc != 1 && argc != 3) { - fprintf(stderr, "usage: %s [ ]\n", argv[0]); - return 2; - } - - if (argc == 3) { - // when command-line args are given this binary is being used - // for debugging; don't reboot to recovery at the end. - input_path = argv[1]; - map_file = argv[2]; - do_reboot = 0; - } else { - input_path = find_update_package(); - if (input_path == NULL) { - // if we're rebooting to recovery without a package (say, - // to wipe data), then we don't need to do anything before - // going to recovery. - ALOGI("no recovery command file or no update package arg"); - reboot_to_recovery(); - return 1; - } - map_file = CACHE_BLOCK_MAP; - } - - ALOGI("update package is %s", input_path); - - // Turn the name of the file we're supposed to convert into an - // absolute path, so we can find what filesystem it's on. - char path[PATH_MAX+1]; - if (realpath(input_path, path) == NULL) { - ALOGE("failed to convert %s to absolute path: %s", input_path, strerror(errno)); - return 1; - } - - int encryptable; - int encrypted; - if (read_fstab() == NULL) { - return 1; - } - const char* blk_dev = find_block_device(path, &encryptable, &encrypted); - if (blk_dev == NULL) { - ALOGE("failed to find block device for %s", path); - return 1; - } - - // If the filesystem it's on isn't encrypted, we only produce the - // block map, we don't rewrite the file contents (it would be - // pointless to do so). - ALOGI("encryptable: %s\n", encryptable ? "yes" : "no"); - ALOGI(" encrypted: %s\n", encrypted ? "yes" : "no"); - - // Recovery supports installing packages from 3 paths: /cache, - // /data, and /sdcard. (On a particular device, other locations - // may work, but those are three we actually expect.) - // - // On /data we want to convert the file to a block map so that we - // can read the package without mounting the partition. On /cache - // and /sdcard we leave the file alone. - if (strncmp(path, "/data/", 6) != 0) { - // path does not start with "/data/"; leave it alone. - unlink(RECOVERY_COMMAND_FILE_TMP); - wipe_misc(); - } else { - ALOGI("writing block map %s", map_file); - if (produce_block_map(path, map_file, blk_dev, encrypted) != 0) { - return 1; - } - wipe_misc(); - rename(RECOVERY_COMMAND_FILE_TMP, RECOVERY_COMMAND_FILE); - } - - if (do_reboot) reboot_to_recovery(); - return 0; -} diff --git a/uncrypt/uncrypt.cpp b/uncrypt/uncrypt.cpp new file mode 100644 index 000000000..11766f14c --- /dev/null +++ b/uncrypt/uncrypt.cpp @@ -0,0 +1,465 @@ +/* + * Copyright (C) 2014 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +// This program takes a file on an ext4 filesystem and produces a list +// of the blocks that file occupies, which enables the file contents +// to be read directly from the block device without mounting the +// filesystem. +// +// If the filesystem is using an encrypted block device, it will also +// read the file and rewrite it to the same blocks of the underlying +// (unencrypted) block device, so the file contents can be read +// without the need for the decryption key. +// +// The output of this program is a "block map" which looks like this: +// +// /dev/block/platform/msm_sdcc.1/by-name/userdata # block device +// 49652 4096 # file size in bytes, block size +// 3 # count of block ranges +// 1000 1008 # block range 0 +// 2100 2102 # ... block range 1 +// 30 33 # ... block range 2 +// +// Each block range represents a half-open interval; the line "30 33" +// reprents the blocks [30, 31, 32]. +// +// Recovery can take this block map file and retrieve the underlying +// file data to use as an update package. + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define LOG_TAG "uncrypt" +#include +#include +#include + +#define WINDOW_SIZE 5 +#define RECOVERY_COMMAND_FILE "/cache/recovery/command" +#define RECOVERY_COMMAND_FILE_TMP "/cache/recovery/command.tmp" +#define CACHE_BLOCK_MAP "/cache/recovery/block.map" + +static struct fstab* fstab = NULL; + +static int write_at_offset(unsigned char* buffer, size_t size, int wfd, off64_t offset) { + if (TEMP_FAILURE_RETRY(lseek64(wfd, offset, SEEK_SET)) == -1) { + ALOGE("error seeking to offset %lld: %s\n", offset, strerror(errno)); + return -1; + } + size_t written = 0; + while (written < size) { + ssize_t wrote = TEMP_FAILURE_RETRY(write(wfd, buffer + written, size - written)); + if (wrote == -1) { + ALOGE("error writing offset %lld: %s\n", (offset + written), strerror(errno)); + return -1; + } + written += wrote; + } + return 0; +} + +static void add_block_to_ranges(int** ranges, int* range_alloc, int* range_used, int new_block) { + // If the current block start is < 0, set the start to the new + // block. (This only happens for the very first block of the very + // first range.) + if ((*ranges)[*range_used*2-2] < 0) { + (*ranges)[*range_used*2-2] = new_block; + (*ranges)[*range_used*2-1] = new_block; + } + + if (new_block == (*ranges)[*range_used*2-1]) { + // If the new block comes immediately after the current range, + // all we have to do is extend the current range. + ++(*ranges)[*range_used*2-1]; + } else { + // We need to start a new range. + + // If there isn't enough room in the array, we need to expand it. + if (*range_used >= *range_alloc) { + *range_alloc *= 2; + *ranges = reinterpret_cast(realloc(*ranges, *range_alloc * 2 * sizeof(int))); + } + + ++*range_used; + (*ranges)[*range_used*2-2] = new_block; + (*ranges)[*range_used*2-1] = new_block+1; + } +} + +static struct fstab* read_fstab() { + fstab = NULL; + + // The fstab path is always "/fstab.${ro.hardware}". + char fstab_path[PATH_MAX+1] = "/fstab."; + if (!property_get("ro.hardware", fstab_path+strlen(fstab_path), "")) { + ALOGE("failed to get ro.hardware\n"); + return NULL; + } + + fstab = fs_mgr_read_fstab(fstab_path); + if (!fstab) { + ALOGE("failed to read %s\n", fstab_path); + return NULL; + } + + return fstab; +} + +static const char* find_block_device(const char* path, bool* encryptable, bool* encrypted) { + // Look for a volume whose mount point is the prefix of path and + // return its block device. Set encrypted if it's currently + // encrypted. + for (int i = 0; i < fstab->num_entries; ++i) { + struct fstab_rec* v = &fstab->recs[i]; + if (!v->mount_point) { + continue; + } + int len = strlen(v->mount_point); + if (strncmp(path, v->mount_point, len) == 0 && + (path[len] == '/' || path[len] == 0)) { + *encrypted = false; + *encryptable = false; + if (fs_mgr_is_encryptable(v)) { + *encryptable = true; + char buffer[PROPERTY_VALUE_MAX+1]; + if (property_get("ro.crypto.state", buffer, "") && + strcmp(buffer, "encrypted") == 0) { + *encrypted = true; + } + } + return v->blk_device; + } + } + + return NULL; +} + +// Parse the command file RECOVERY_COMMAND_FILE to find the update package +// name. If it's on the /data partition, replace the package name with the +// block map file name and store it temporarily in RECOVERY_COMMAND_FILE_TMP. +// It will be renamed to RECOVERY_COMMAND_FILE if uncrypt finishes +// successfully. +static char* find_update_package() +{ + FILE* f = fopen(RECOVERY_COMMAND_FILE, "r"); + if (f == NULL) { + return NULL; + } + int fd = open(RECOVERY_COMMAND_FILE_TMP, O_WRONLY | O_CREAT | O_SYNC, S_IRUSR | S_IWUSR); + if (fd < 0) { + ALOGE("failed to open %s\n", RECOVERY_COMMAND_FILE_TMP); + return NULL; + } + FILE* fo = fdopen(fd, "w"); + char* fn = NULL; + char* line = NULL; + size_t len = 0; + while (getline(&line, &len, f) != -1) { + if (strncmp(line, "--update_package=", strlen("--update_package=")) == 0) { + fn = strdup(line + strlen("--update_package=")); + // Replace the package name with block map file if it's on /data partition. + if (strncmp(fn, "/data/", strlen("/data/")) == 0) { + fputs("--update_package=@" CACHE_BLOCK_MAP "\n", fo); + continue; + } + } + fputs(line, fo); + } + free(line); + fclose(f); + if (fsync(fd) == -1) { + ALOGE("failed to fsync \"%s\": %s\n", RECOVERY_COMMAND_FILE_TMP, strerror(errno)); + fclose(fo); + return NULL; + } + fclose(fo); + + if (fn) { + char* newline = strchr(fn, '\n'); + if (newline) { + *newline = 0; + } + } + return fn; +} + +static int produce_block_map(const char* path, const char* map_file, const char* blk_dev, + bool encrypted) { + + int mapfd = open(map_file, O_WRONLY | O_CREAT | O_SYNC, S_IRUSR | S_IWUSR); + if (mapfd < 0) { + ALOGE("failed to open %s\n", map_file); + return -1; + } + FILE* mapf = fdopen(mapfd, "w"); + + struct stat sb; + int ret = stat(path, &sb); + if (ret != 0) { + ALOGE("failed to stat %s\n", path); + return -1; + } + + ALOGI(" block size: %ld bytes\n", (long)sb.st_blksize); + + int blocks = ((sb.st_size-1) / sb.st_blksize) + 1; + ALOGI(" file size: %lld bytes, %d blocks\n", (long long)sb.st_size, blocks); + + int range_alloc = 1; + int range_used = 1; + int* ranges = reinterpret_cast(malloc(range_alloc * 2 * sizeof(int))); + ranges[0] = -1; + ranges[1] = -1; + + fprintf(mapf, "%s\n%lld %lu\n", blk_dev, (long long)sb.st_size, (unsigned long)sb.st_blksize); + + unsigned char* buffers[WINDOW_SIZE]; + if (encrypted) { + for (size_t i = 0; i < WINDOW_SIZE; ++i) { + buffers[i] = reinterpret_cast(malloc(sb.st_blksize)); + } + } + int head_block = 0; + int head = 0, tail = 0; + size_t pos = 0; + + int fd = open(path, O_RDONLY); + if (fd < 0) { + ALOGE("failed to open fd for reading: %s\n", strerror(errno)); + return -1; + } + + int wfd = -1; + if (encrypted) { + wfd = open(blk_dev, O_WRONLY | O_SYNC); + if (wfd < 0) { + ALOGE("failed to open fd for writing: %s\n", strerror(errno)); + return -1; + } + } + + while (pos < sb.st_size) { + if ((tail+1) % WINDOW_SIZE == head) { + // write out head buffer + int block = head_block; + ret = ioctl(fd, FIBMAP, &block); + if (ret != 0) { + ALOGE("failed to find block %d\n", head_block); + return -1; + } + add_block_to_ranges(&ranges, &range_alloc, &range_used, block); + if (encrypted) { + if (write_at_offset(buffers[head], sb.st_blksize, wfd, + (off64_t)sb.st_blksize * block) != 0) { + return -1; + } + } + head = (head + 1) % WINDOW_SIZE; + ++head_block; + } + + // read next block to tail + if (encrypted) { + size_t so_far = 0; + while (so_far < sb.st_blksize && pos < sb.st_size) { + ssize_t this_read = + TEMP_FAILURE_RETRY(read(fd, buffers[tail] + so_far, sb.st_blksize - so_far)); + if (this_read == -1) { + ALOGE("failed to read: %s\n", strerror(errno)); + return -1; + } + so_far += this_read; + pos += this_read; + } + } else { + // If we're not encrypting; we don't need to actually read + // anything, just skip pos forward as if we'd read a + // block. + pos += sb.st_blksize; + } + tail = (tail+1) % WINDOW_SIZE; + } + + while (head != tail) { + // write out head buffer + int block = head_block; + ret = ioctl(fd, FIBMAP, &block); + if (ret != 0) { + ALOGE("failed to find block %d\n", head_block); + return -1; + } + add_block_to_ranges(&ranges, &range_alloc, &range_used, block); + if (encrypted) { + if (write_at_offset(buffers[head], sb.st_blksize, wfd, + (off64_t)sb.st_blksize * block) != 0) { + return -1; + } + } + head = (head + 1) % WINDOW_SIZE; + ++head_block; + } + + fprintf(mapf, "%d\n", range_used); + for (int i = 0; i < range_used; ++i) { + fprintf(mapf, "%d %d\n", ranges[i*2], ranges[i*2+1]); + } + + if (fsync(mapfd) == -1) { + ALOGE("failed to fsync \"%s\": %s\n", map_file, strerror(errno)); + return -1; + } + fclose(mapf); + close(fd); + if (encrypted) { + if (fsync(wfd) == -1) { + ALOGE("failed to fsync \"%s\": %s\n", blk_dev, strerror(errno)); + return -1; + } + close(wfd); + } + + return 0; +} + +static void wipe_misc() { + ALOGI("removing old commands from misc"); + for (int i = 0; i < fstab->num_entries; ++i) { + struct fstab_rec* v = &fstab->recs[i]; + if (!v->mount_point) continue; + if (strcmp(v->mount_point, "/misc") == 0) { + int fd = open(v->blk_device, O_WRONLY | O_SYNC); + uint8_t zeroes[1088]; // sizeof(bootloader_message) from recovery + memset(zeroes, 0, sizeof(zeroes)); + + size_t written = 0; + size_t size = sizeof(zeroes); + while (written < size) { + ssize_t w = TEMP_FAILURE_RETRY(write(fd, zeroes, size-written)); + if (w == -1) { + ALOGE("zero write failed: %s\n", strerror(errno)); + return; + } else { + written += w; + } + } + if (fsync(fd) == -1) { + ALOGE("failed to fsync \"%s\": %s\n", v->blk_device, strerror(errno)); + close(fd); + return; + } + close(fd); + } + } +} + +static void reboot_to_recovery() { + ALOGI("rebooting to recovery"); + property_set("sys.powerctl", "reboot,recovery"); + sleep(10); + ALOGE("reboot didn't succeed?"); +} + +int main(int argc, char** argv) +{ + const char* input_path; + const char* map_file; + bool do_reboot = true; + + if (argc != 1 && argc != 3) { + fprintf(stderr, "usage: %s [ ]\n", argv[0]); + return 2; + } + + if (argc == 3) { + // when command-line args are given this binary is being used + // for debugging; don't reboot to recovery at the end. + input_path = argv[1]; + map_file = argv[2]; + do_reboot = false; + } else { + input_path = find_update_package(); + if (input_path == NULL) { + // if we're rebooting to recovery without a package (say, + // to wipe data), then we don't need to do anything before + // going to recovery. + ALOGI("no recovery command file or no update package arg"); + reboot_to_recovery(); + return 1; + } + map_file = CACHE_BLOCK_MAP; + } + + ALOGI("update package is %s", input_path); + + // Turn the name of the file we're supposed to convert into an + // absolute path, so we can find what filesystem it's on. + char path[PATH_MAX+1]; + if (realpath(input_path, path) == NULL) { + ALOGE("failed to convert %s to absolute path: %s", input_path, strerror(errno)); + return 1; + } + + if (read_fstab() == NULL) { + return 1; + } + + bool encryptable; + bool encrypted; + const char* blk_dev = find_block_device(path, &encryptable, &encrypted); + if (blk_dev == NULL) { + ALOGE("failed to find block device for %s", path); + return 1; + } + + // If the filesystem it's on isn't encrypted, we only produce the + // block map, we don't rewrite the file contents (it would be + // pointless to do so). + ALOGI("encryptable: %s\n", encryptable ? "yes" : "no"); + ALOGI(" encrypted: %s\n", encrypted ? "yes" : "no"); + + // Recovery supports installing packages from 3 paths: /cache, + // /data, and /sdcard. (On a particular device, other locations + // may work, but those are three we actually expect.) + // + // On /data we want to convert the file to a block map so that we + // can read the package without mounting the partition. On /cache + // and /sdcard we leave the file alone. + if (strncmp(path, "/data/", 6) != 0) { + // path does not start with "/data/"; leave it alone. + unlink(RECOVERY_COMMAND_FILE_TMP); + wipe_misc(); + } else { + ALOGI("writing block map %s", map_file); + if (produce_block_map(path, map_file, blk_dev, encrypted) != 0) { + return 1; + } + wipe_misc(); + rename(RECOVERY_COMMAND_FILE_TMP, RECOVERY_COMMAND_FILE); + } + + if (do_reboot) { + reboot_to_recovery(); + } + return 0; +} -- cgit v1.2.3 From 158e11d6738a751b754d09df7275add589c31191 Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Thu, 21 May 2015 16:44:44 -0700 Subject: Separate uncrypt into two modes uncrypt needs to be triggered to prepare the OTA package before rebooting into the recovery. Separate uncrypt into two modes. In mode 1, it uncrypts the OTA package, but will not reboot the device. In mode 2, it wipes the /misc partition and reboots. Needs matching changes in frameworks/base, system/core and external/sepolicy to work properly. Bug: 20012567 Bug: 20949086 Change-Id: I14d25cb62770dd405cb56824d05d649c3a94f315 --- uncrypt/Android.mk | 2 +- uncrypt/uncrypt.cpp | 191 ++++++++++++++++++++++++++-------------------------- 2 files changed, 95 insertions(+), 98 deletions(-) (limited to 'uncrypt') diff --git a/uncrypt/Android.mk b/uncrypt/Android.mk index d832d9724..c7d4d3746 100644 --- a/uncrypt/Android.mk +++ b/uncrypt/Android.mk @@ -20,6 +20,6 @@ LOCAL_SRC_FILES := uncrypt.cpp LOCAL_MODULE := uncrypt -LOCAL_STATIC_LIBRARIES := libfs_mgr liblog libcutils +LOCAL_STATIC_LIBRARIES := libbase liblog libfs_mgr libcutils include $(BUILD_EXECUTABLE) diff --git a/uncrypt/uncrypt.cpp b/uncrypt/uncrypt.cpp index 11766f14c..6e670a449 100644 --- a/uncrypt/uncrypt.cpp +++ b/uncrypt/uncrypt.cpp @@ -40,25 +40,29 @@ // file data to use as an update package. #include +#include +#include +#include #include #include #include -#include -#include -#include -#include -#include #include +#include +#include +#include -#define LOG_TAG "uncrypt" -#include +#include +#include #include #include +#define LOG_TAG "uncrypt" +#include #define WINDOW_SIZE 5 -#define RECOVERY_COMMAND_FILE "/cache/recovery/command" -#define RECOVERY_COMMAND_FILE_TMP "/cache/recovery/command.tmp" -#define CACHE_BLOCK_MAP "/cache/recovery/block.map" + +static const std::string cache_block_map = "/cache/recovery/block.map"; +static const std::string status_file = "/cache/recovery/uncrypt_status"; +static const std::string uncrypt_file = "/cache/recovery/uncrypt_file"; static struct fstab* fstab = NULL; @@ -155,65 +159,35 @@ static const char* find_block_device(const char* path, bool* encryptable, bool* return NULL; } -// Parse the command file RECOVERY_COMMAND_FILE to find the update package -// name. If it's on the /data partition, replace the package name with the -// block map file name and store it temporarily in RECOVERY_COMMAND_FILE_TMP. -// It will be renamed to RECOVERY_COMMAND_FILE if uncrypt finishes -// successfully. -static char* find_update_package() +// Parse uncrypt_file to find the update package name. +static bool find_uncrypt_package(std::string& package_name) { - FILE* f = fopen(RECOVERY_COMMAND_FILE, "r"); - if (f == NULL) { - return NULL; + if (!android::base::ReadFileToString(uncrypt_file, &package_name)) { + ALOGE("failed to open \"%s\": %s\n", uncrypt_file.c_str(), strerror(errno)); + return false; } - int fd = open(RECOVERY_COMMAND_FILE_TMP, O_WRONLY | O_CREAT | O_SYNC, S_IRUSR | S_IWUSR); - if (fd < 0) { - ALOGE("failed to open %s\n", RECOVERY_COMMAND_FILE_TMP); - return NULL; - } - FILE* fo = fdopen(fd, "w"); - char* fn = NULL; - char* line = NULL; - size_t len = 0; - while (getline(&line, &len, f) != -1) { - if (strncmp(line, "--update_package=", strlen("--update_package=")) == 0) { - fn = strdup(line + strlen("--update_package=")); - // Replace the package name with block map file if it's on /data partition. - if (strncmp(fn, "/data/", strlen("/data/")) == 0) { - fputs("--update_package=@" CACHE_BLOCK_MAP "\n", fo); - continue; - } - } - fputs(line, fo); - } - free(line); - fclose(f); - if (fsync(fd) == -1) { - ALOGE("failed to fsync \"%s\": %s\n", RECOVERY_COMMAND_FILE_TMP, strerror(errno)); - fclose(fo); - return NULL; - } - fclose(fo); - if (fn) { - char* newline = strchr(fn, '\n'); - if (newline) { - *newline = 0; - } - } - return fn; + // Remove the trailing '\n' if present. + package_name = android::base::Trim(package_name); + + return true; } static int produce_block_map(const char* path, const char* map_file, const char* blk_dev, - bool encrypted) { - + bool encrypted, int status_fd) { int mapfd = open(map_file, O_WRONLY | O_CREAT | O_SYNC, S_IRUSR | S_IWUSR); - if (mapfd < 0) { + if (mapfd == -1) { ALOGE("failed to open %s\n", map_file); return -1; } FILE* mapf = fdopen(mapfd, "w"); + // Make sure we can write to the status_file. + if (!android::base::WriteStringToFd("0\n", status_fd)) { + ALOGE("failed to update \"%s\"\n", status_file.c_str()); + return -1; + } + struct stat sb; int ret = stat(path, &sb); if (ret != 0) { @@ -259,7 +233,15 @@ static int produce_block_map(const char* path, const char* map_file, const char* } } + int last_progress = 0; while (pos < sb.st_size) { + // Update the status file, progress must be between [0, 99]. + int progress = static_cast(100 * (double(pos) / double(sb.st_size))); + if (progress > last_progress) { + last_progress = progress; + android::base::WriteStringToFd(std::to_string(progress) + "\n", status_fd); + } + if ((tail+1) % WINDOW_SIZE == head) { // write out head buffer int block = head_block; @@ -380,43 +362,15 @@ static void reboot_to_recovery() { ALOGE("reboot didn't succeed?"); } -int main(int argc, char** argv) -{ - const char* input_path; - const char* map_file; - bool do_reboot = true; - - if (argc != 1 && argc != 3) { - fprintf(stderr, "usage: %s [ ]\n", argv[0]); - return 2; - } - - if (argc == 3) { - // when command-line args are given this binary is being used - // for debugging; don't reboot to recovery at the end. - input_path = argv[1]; - map_file = argv[2]; - do_reboot = false; - } else { - input_path = find_update_package(); - if (input_path == NULL) { - // if we're rebooting to recovery without a package (say, - // to wipe data), then we don't need to do anything before - // going to recovery. - ALOGI("no recovery command file or no update package arg"); - reboot_to_recovery(); - return 1; - } - map_file = CACHE_BLOCK_MAP; - } +int uncrypt(const char* input_path, const char* map_file, int status_fd) { - ALOGI("update package is %s", input_path); + ALOGI("update package is \"%s\"", input_path); // Turn the name of the file we're supposed to convert into an // absolute path, so we can find what filesystem it's on. char path[PATH_MAX+1]; if (realpath(input_path, path) == NULL) { - ALOGE("failed to convert %s to absolute path: %s", input_path, strerror(errno)); + ALOGE("failed to convert \"%s\" to absolute path: %s", input_path, strerror(errno)); return 1; } @@ -445,21 +399,64 @@ int main(int argc, char** argv) // On /data we want to convert the file to a block map so that we // can read the package without mounting the partition. On /cache // and /sdcard we leave the file alone. - if (strncmp(path, "/data/", 6) != 0) { - // path does not start with "/data/"; leave it alone. - unlink(RECOVERY_COMMAND_FILE_TMP); - wipe_misc(); - } else { + if (strncmp(path, "/data/", 6) == 0) { ALOGI("writing block map %s", map_file); - if (produce_block_map(path, map_file, blk_dev, encrypted) != 0) { + if (produce_block_map(path, map_file, blk_dev, encrypted, status_fd) != 0) { return 1; } - wipe_misc(); - rename(RECOVERY_COMMAND_FILE_TMP, RECOVERY_COMMAND_FILE); } - if (do_reboot) { + return 0; +} + +int main(int argc, char** argv) { + const char* input_path; + const char* map_file; + + if (argc != 3 && argc != 1 && (argc == 2 && strcmp(argv[1], "--reboot") != 0)) { + fprintf(stderr, "usage: %s [--reboot] [ ]\n", argv[0]); + return 2; + } + + // When uncrypt is started with "--reboot", it wipes misc and reboots. + // Otherwise it uncrypts the package and writes the block map. + if (argc == 2) { + if (read_fstab() == NULL) { + return 1; + } + wipe_misc(); reboot_to_recovery(); + } else { + std::string package; + if (argc == 3) { + // when command-line args are given this binary is being used + // for debugging. + input_path = argv[1]; + map_file = argv[2]; + } else { + if (!find_uncrypt_package(package)) { + return 1; + } + input_path = package.c_str(); + map_file = cache_block_map.c_str(); + } + + // The pipe has been created by the system server. + int status_fd = open(status_file.c_str(), O_WRONLY | O_CREAT | O_SYNC, S_IRUSR | S_IWUSR); + if (status_fd == -1) { + ALOGE("failed to open pipe \"%s\": %s\n", status_file.c_str(), strerror(errno)); + return 1; + } + int status = uncrypt(input_path, map_file, status_fd); + if (status != 0) { + android::base::WriteStringToFd("-1\n", status_fd); + close(status_fd); + return 1; + } + + android::base::WriteStringToFd("100\n", status_fd); + close(status_fd); } + return 0; } -- cgit v1.2.3 From 2c2cae8a4a18b85043bb6260a59ac7d1589016bf Mon Sep 17 00:00:00 2001 From: Tao Bao Date: Fri, 29 May 2015 14:24:02 -0700 Subject: uncrypt: Write status when it reboots to factory reset When it reboots into recovery for a factory reset, it still needs to write the uncrypt status (-1) to the pipe. Bug: 21511893 Change-Id: I1a725820f1e1875146e49b5a6f28af2fbf284fc7 --- uncrypt/uncrypt.cpp | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) (limited to 'uncrypt') diff --git a/uncrypt/uncrypt.cpp b/uncrypt/uncrypt.cpp index 6e670a449..1db3013c6 100644 --- a/uncrypt/uncrypt.cpp +++ b/uncrypt/uncrypt.cpp @@ -427,26 +427,29 @@ int main(int argc, char** argv) { wipe_misc(); reboot_to_recovery(); } else { - std::string package; + // The pipe has been created by the system server. + int status_fd = open(status_file.c_str(), O_WRONLY | O_CREAT | O_SYNC, S_IRUSR | S_IWUSR); + if (status_fd == -1) { + ALOGE("failed to open pipe \"%s\": %s\n", status_file.c_str(), strerror(errno)); + return 1; + } + if (argc == 3) { // when command-line args are given this binary is being used // for debugging. input_path = argv[1]; map_file = argv[2]; } else { + std::string package; if (!find_uncrypt_package(package)) { + android::base::WriteStringToFd("-1\n", status_fd); + close(status_fd); return 1; } input_path = package.c_str(); map_file = cache_block_map.c_str(); } - // The pipe has been created by the system server. - int status_fd = open(status_file.c_str(), O_WRONLY | O_CREAT | O_SYNC, S_IRUSR | S_IWUSR); - if (status_fd == -1) { - ALOGE("failed to open pipe \"%s\": %s\n", status_file.c_str(), strerror(errno)); - return 1; - } int status = uncrypt(input_path, map_file, status_fd); if (status != 0) { android::base::WriteStringToFd("-1\n", status_fd); -- cgit v1.2.3