1 //
2 // Copyright (C) 2012 The Android Open Source Project
3 //
4 // Licensed under the Apache License, Version 2.0 (the "License");
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
7 //
8 //      http://www.apache.org/licenses/LICENSE-2.0
9 //
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
15 //
16 
17 #include "update_engine/common/utils.h"
18 
19 #include <stdint.h>
20 
21 #include <dirent.h>
22 #include <elf.h>
23 #include <endian.h>
24 #include <errno.h>
25 #include <fcntl.h>
26 #include <stdio.h>
27 #include <stdlib.h>
28 #include <string.h>
29 #include <sys/mount.h>
30 #include <sys/resource.h>
31 #include <sys/stat.h>
32 #include <sys/types.h>
33 #include <unistd.h>
34 
35 #include <algorithm>
36 #include <utility>
37 #include <vector>
38 
39 #include <base/callback.h>
40 #include <base/files/file_path.h>
41 #include <base/files/file_util.h>
42 #include <base/files/scoped_file.h>
43 #include <base/format_macros.h>
44 #include <base/location.h>
45 #include <base/logging.h>
46 #include <base/posix/eintr_wrapper.h>
47 #include <base/rand_util.h>
48 #include <base/strings/string_number_conversions.h>
49 #include <base/strings/string_split.h>
50 #include <base/strings/string_util.h>
51 #include <base/strings/stringprintf.h>
52 #include <brillo/data_encoding.h>
53 
54 #include "update_engine/common/clock_interface.h"
55 #include "update_engine/common/constants.h"
56 #include "update_engine/common/platform_constants.h"
57 #include "update_engine/common/prefs_interface.h"
58 #include "update_engine/common/subprocess.h"
59 #include "update_engine/payload_consumer/file_descriptor.h"
60 
61 using base::Time;
62 using base::TimeDelta;
63 using std::min;
64 using std::numeric_limits;
65 using std::pair;
66 using std::string;
67 using std::vector;
68 
69 namespace chromeos_update_engine {
70 
71 namespace {
72 
// Retry policy used by UnmountFilesystem when umount() fails with EBUSY: up to
// five attempts, 200 ms apart, i.e. about one second in total.
constexpr int kUnmountMaxNumOfRetries = 5;
constexpr int kUnmountRetryIntervalInMicroseconds = 200 * 1000;  // 200 ms

// Upper bound on the number of leading bytes GetFileFormat reads from a file
// when it tries to recognise the contents.
constexpr int kGetFileFormatMaxHeaderSize = 32;

// Location of the kernel's boot_id.
constexpr char kBootIdPath[] = "/proc/sys/kernel/random/boot_id";
85 
// Reports whether |disk_name| names an MTD or a UBI device. The decision is
// purely lexical (a case-sensitive "/dev/ubi" or "/dev/mtd" prefix); the
// device node itself is never inspected.
bool IsMtdDeviceName(const string& disk_name) {
  for (const char* prefix : {"/dev/ubi", "/dev/mtd"}) {
    if (base::StartsWith(disk_name, prefix, base::CompareCase::SENSITIVE))
      return true;
  }
  return false;
}
93 
// Builds the device name of partition |partition_num| on a NAND device:
// partitions 2, 4 and 6 map to "/dev/mtd<N>", every other number to
// "/dev/ubi<N>_0".
// WARNING: the names returned here are not mountable.
string MakeNandPartitionName(int partition_num) {
  const bool is_mtd_partition =
      partition_num == 2 || partition_num == 4 || partition_num == 6;
  // The format strings stay literals so the compiler can check them against
  // the argument list.
  if (is_mtd_partition)
    return base::StringPrintf("/dev/mtd%d", partition_num);
  return base::StringPrintf("/dev/ubi%d_0", partition_num);
}
108 
// Builds the device name of partition |partition_num| on a NAND device in the
// form that may be mountable (but may not be writable): 2/4/6 map to
// "/dev/mtd<N>", 3/5/7 to "/dev/ubiblock<N>_0" and anything else to
// "/dev/ubi<N>_0".
string MakeNandPartitionNameForMount(int partition_num) {
  if (partition_num == 2 || partition_num == 4 || partition_num == 6)
    return base::StringPrintf("/dev/mtd%d", partition_num);
  if (partition_num == 3 || partition_num == 5 || partition_num == 7)
    return base::StringPrintf("/dev/ubiblock%d_0", partition_num);
  return base::StringPrintf("/dev/ubi%d_0", partition_num);
}
128 
// Resolves |path| into the template path handed to mkstemp().
//
// A |path| that is absolute ("/...") or explicitly relative ("./...",
// "../...") is used verbatim. Any other |path| is placed under the temp
// directory: <kNonVolatileDirectory>/tmp on Android, base::GetTempDir()
// elsewhere. That directory is created when it does not exist yet.
//
// On success stores the result in |template_path| and returns true.
//
// NOTE(review): a verbatim |path| may point anywhere the process can write;
// callers that derive |path| from external data should confirm it cannot
// leave the directory they intend.
bool GetTempName(const string& path, base::FilePath* template_path) {
  const bool caller_picked_directory =
      path[0] == '/' ||
      base::StartsWith(path, "./", base::CompareCase::SENSITIVE) ||
      base::StartsWith(path, "../", base::CompareCase::SENSITIVE);
  if (caller_picked_directory) {
    *template_path = base::FilePath(path);
    return true;
  }

#ifdef __ANDROID__
  base::FilePath temp_dir =
      base::FilePath(constants::kNonVolatileDirectory).Append("tmp");
#else
  base::FilePath temp_dir;
  TEST_AND_RETURN_FALSE(base::GetTempDir(&temp_dir));
#endif  // __ANDROID__

  if (!base::PathExists(temp_dir)) {
    TEST_AND_RETURN_FALSE(base::CreateDirectory(temp_dir));
  }
  *template_path = temp_dir.Append(path);
  return true;
}
152 
153 }  // namespace
154 
155 namespace utils {
156 
// Extracts the value of the "fw_version" key from |input_line|, a line of
// space-separated key=value pairs as printed by mosys. Surrounding double
// quotes are stripped from the value. Returns an empty string, and logs an
// error, when the line cannot be split or carries no "fw_version" key.
string ParseECVersion(string input_line) {
  base::TrimWhitespaceASCII(input_line, base::TRIM_ALL, &input_line);

  // Turn the key=value text into a list of (key, value) pairs.
  vector<pair<string, string>> fields;
  const bool split_ok =
      base::SplitStringIntoKeyValuePairs(input_line, '=', ' ', &fields);
  if (split_ok) {
    const auto match = std::find_if(
        fields.begin(), fields.end(), [](const pair<string, string>& field) {
          return field.first == "fw_version";
        });
    if (match != fields.end()) {
      // The firmware version may be wrapped in quotes; drop them.
      string version;
      base::TrimString(match->second, "\"", &version);
      return version;
    }
  }
  LOG(ERROR) << "Unable to parse fwid from ec info.";
  return "";
}
177 
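// Writes |data_len| bytes from |data| to the file at |path|, creating it with
// mode 0600 if needed and truncating any previous content. Returns true only
// when every byte was written.
//
// The descriptor is opened with O_CLOEXEC so that it cannot be inherited by a
// child process spawned from another thread while the write is in progress.
//
// NOTE(review): the open() does not pass O_NOFOLLOW, so a symlink at |path| is
// followed. Callers writing into a directory that other users can modify
// should take that into account.
bool WriteFile(const char* path, const void* data, size_t data_len) {
  int fd = HANDLE_EINTR(
      open(path, O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC, 0600));
  TEST_AND_RETURN_FALSE_ERRNO(fd >= 0);
  ScopedFdCloser fd_closer(&fd);
  return WriteAll(fd, data, data_len);
}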
184 
// Reads up to |count| bytes from |fd| into |buf|, retrying interrupted reads.
//
// Stops early, still returning true, when the descriptor reports end of file
// (|*eof| is set to true) or when a non-blocking descriptor has no more data
// (EAGAIN / EWOULDBLOCK). Any other read error is logged and makes the
// function return false. |*out_bytes_read| always receives the number of bytes
// stored in |buf|, on failure too.
bool ReadAll(
    int fd, void* buf, size_t count, size_t* out_bytes_read, bool* eof) {
  char* const dest = static_cast<char*>(buf);
  size_t total = 0;
  bool ok = true;
  *eof = false;
  while (total < count) {
    const ssize_t rc = HANDLE_EINTR(read(fd, dest + total, count - total));
    if (rc > 0) {
      total += rc;
      continue;
    }
    if (rc == 0) {
      // Zero means end of file: nothing else will come from this fd.
      *eof = true;
      break;
    }
    // rc < 0. EAGAIN and EWOULDBLOCK are the normal "no more input right now"
    // answers in non-blocking mode; everything else is a real failure.
    if (errno != EWOULDBLOCK && errno != EAGAIN) {
      PLOG(ERROR) << "Error reading fd " << fd;
      ok = false;
    }
    break;
  }
  *out_bytes_read = total;
  return ok;
}
213 
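// Writes exactly |count| bytes from |buf| to |fd|, looping over short writes.
// Returns false (after logging errno) as soon as a write() fails.
//
// write() is wrapped in HANDLE_EINTR so that a signal arriving mid-call does
// not turn into a spurious failure, and the progress counter is a size_t so
// that a |count| above SSIZE_MAX is not mistaken for "nothing to write".
bool WriteAll(int fd, const void* buf, size_t count) {
  const char* c_buf = static_cast<const char*>(buf);
  size_t bytes_written = 0;
  while (bytes_written < count) {
    ssize_t rc = HANDLE_EINTR(
        write(fd, c_buf + bytes_written, count - bytes_written));
    TEST_AND_RETURN_FALSE_ERRNO(rc >= 0);
    bytes_written += rc;
  }
  return true;
}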
224 
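// Writes exactly |count| bytes from |buf| to |fd| starting at file position
// |offset|, looping over short writes. The descriptor's own file offset is not
// used (pwrite). Returns false (after logging errno) when a pwrite() fails.
//
// pwrite() is wrapped in HANDLE_EINTR so that a signal arriving mid-call is
// retried instead of being reported as a write failure.
bool PWriteAll(int fd, const void* buf, size_t count, off_t offset) {
  const char* c_buf = static_cast<const char*>(buf);
  size_t bytes_written = 0;
  int num_attempts = 0;
  while (bytes_written < count) {
    num_attempts++;
    ssize_t rc = HANDLE_EINTR(pwrite(fd,
                                     c_buf + bytes_written,
                                     count - bytes_written,
                                     offset + bytes_written));
    // TODO(garnold) for debugging failure in chromium-os:31077; to be removed.
    if (rc < 0) {
      PLOG(ERROR) << "pwrite error; num_attempts=" << num_attempts
                  << " bytes_written=" << bytes_written << " count=" << count
                  << " offset=" << offset;
    }
    TEST_AND_RETURN_FALSE_ERRNO(rc >= 0);
    bytes_written += rc;
  }
  return true;
}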
246 
// Writes exactly |count| bytes from |buf| through the FileDescriptor |fd|,
// looping over short writes. Returns false (after logging errno) as soon as
// Write() reports a negative result.
bool WriteAll(const FileDescriptorPtr& fd, const void* buf, size_t count) {
  const char* const src = static_cast<const char*>(buf);
  const ssize_t total = static_cast<ssize_t>(count);
  for (ssize_t done = 0; done < total;) {
    const ssize_t rc = fd->Write(src + done, count - done);
    TEST_AND_RETURN_FALSE_ERRNO(rc >= 0);
    done += rc;
  }
  return true;
}
257 
// Positions the FileDescriptor |fd| at |offset| and then writes exactly
// |count| bytes from |buf|. Unlike the raw-fd overload this moves the
// descriptor's current position. Returns false when the seek or the write
// fails.
bool PWriteAll(const FileDescriptorPtr& fd,
               const void* buf,
               size_t count,
               off_t offset) {
  // Seek first; the write below continues from wherever the seek landed.
  TEST_AND_RETURN_FALSE_ERRNO(fd->Seek(offset, SEEK_SET) !=
                              static_cast<off_t>(-1));
  const bool wrote_everything = WriteAll(fd, buf, count);
  return wrote_everything;
}
266 
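// Reads up to |count| bytes from |fd| at file position |offset| into |buf|,
// looping over short reads until |count| bytes arrived or end of file was
// reached. On success stores the number of bytes read in |*out_bytes_read|
// and returns true. When a pread() fails, errno is logged, false is returned
// and |*out_bytes_read| is left untouched.
//
// pread() is wrapped in HANDLE_EINTR so that a signal arriving mid-call is
// retried instead of being reported as a read failure.
bool PReadAll(
    int fd, void* buf, size_t count, off_t offset, ssize_t* out_bytes_read) {
  char* c_buf = static_cast<char*>(buf);
  ssize_t bytes_read = 0;
  while (bytes_read < static_cast<ssize_t>(count)) {
    ssize_t rc = HANDLE_EINTR(
        pread(fd, c_buf + bytes_read, count - bytes_read, offset + bytes_read));
    TEST_AND_RETURN_FALSE_ERRNO(rc >= 0);
    if (rc == 0) {
      // End of file: report what was collected so far.
      break;
    }
    bytes_read += rc;
  }
  *out_bytes_read = bytes_read;
  return true;
}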
283 
// Positions the FileDescriptor |fd| at |offset| and reads up to |count| bytes
// into |buf|, looping over short reads until |count| bytes arrived or Read()
// returned 0. On success stores the number of bytes read in |*out_bytes_read|
// and returns true; when the seek or a read fails, returns false without
// writing |*out_bytes_read|.
bool PReadAll(const FileDescriptorPtr& fd,
              void* buf,
              size_t count,
              off_t offset,
              ssize_t* out_bytes_read) {
  TEST_AND_RETURN_FALSE_ERRNO(fd->Seek(offset, SEEK_SET) !=
                              static_cast<off_t>(-1));
  char* const dest = static_cast<char*>(buf);
  const ssize_t wanted = static_cast<ssize_t>(count);
  ssize_t received = 0;
  for (; received < wanted;) {
    const ssize_t rc = fd->Read(dest + received, count - received);
    TEST_AND_RETURN_FALSE_ERRNO(rc >= 0);
    if (rc == 0)
      break;  // Nothing more to read.
    received += rc;
  }
  *out_bytes_read = received;
  return true;
}
304 
// Appends the |nbytes| bytes starting at |buf| to the blob |vec_p|. Both
// pointers are CHECKed, so a null |buf| aborts even when |nbytes| is 0.
static void AppendBytes(const uint8_t* buf,
                        size_t nbytes,
                        brillo::Blob* vec_p) {
  CHECK(buf);
  CHECK(vec_p);
  const uint8_t* const buf_end = buf + nbytes;
  vec_p->insert(vec_p->end(), buf, buf_end);
}
// Appends the |nbytes| bytes starting at |buf| to the string |str_p|. Both
// pointers are CHECKed, so a null |buf| aborts even when |nbytes| is 0.
static void AppendBytes(const uint8_t* buf, size_t nbytes, string* str_p) {
  CHECK(buf);
  CHECK(str_p);
  str_p->append(reinterpret_cast<const char*>(buf), nbytes);
}
319 
// Reads from the open stream |fp| in 1 KiB pieces and appends everything read
// to the container |out_p|. With |size| == -1 the stream is read until fread()
// returns nothing, so the container grows with the amount of data available;
// otherwise at most |size| bytes are read. Returns false when the stream is in
// an error state afterwards, true when either the requested |size| was fully
// consumed or end of file was reached.
template <class T>
static bool Read(FILE* fp, off_t size, T* out_p) {
  CHECK(fp);
  CHECK(size == -1 || size >= 0);
  const bool unbounded = (size == -1);
  uint8_t buf[1024];
  while (unbounded || size > 0) {
    // Never ask for more than what is left of a bounded request.
    off_t bytes_to_read = sizeof(buf);
    if (!unbounded && size < bytes_to_read)
      bytes_to_read = size;

    const size_t nbytes = fread(buf, 1, bytes_to_read, fp);
    if (nbytes == 0)
      break;

    AppendBytes(buf, nbytes, out_p);
    if (!unbounded) {
      CHECK(size >= static_cast<off_t>(nbytes));
      size -= nbytes;
    }
  }
  return !ferror(fp) && (size == 0 || feof(fp));
}
349 
// Opens |path| for reading and appends its content, starting at |offset|, to
// the container |out_p|. With |size| == -1 everything up to the end of the
// file is read, otherwise at most |size| bytes. A non-zero |offset| at or
// beyond the size reported by FileSize(path) is a success that appends
// nothing. Returns false when the file cannot be opened, the seek fails or
// reading fails.
//
// NOTE(review): FileSize(path) opens |path| a second time, so the size check
// and the stream being read can refer to different files if |path| is replaced
// in between. FileSize(path) also returns -1 on failure, which this comparison
// treats as "offset is beyond the end" and reports as success.
template <class T>
static bool ReadFileChunkAndAppend(const string& path,
                                   off_t offset,
                                   off_t size,
                                   T* out_p) {
  CHECK_GE(offset, 0);
  CHECK(size == -1 || size >= 0);
  base::ScopedFILE fp(fopen(path.c_str(), "r"));
  if (fp.get() == nullptr)
    return false;

  const bool needs_seek = (offset != 0);
  if (needs_seek) {
    // A chunk past the end of the file is an empty chunk, not an error.
    const bool past_end = offset >= FileSize(path);
    if (past_end)
      return true;
    TEST_AND_RETURN_FALSE_ERRNO(fseek(fp.get(), offset, SEEK_SET) == 0);
  }
  return Read(fp.get(), size, out_p);
}
373 
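// TODO(deymo): This is only used in unittest, but requires the private
// Read<string>() defined here. Expose Read<string>() or move to base/ version.
//
// Runs |cmd| through popen() and appends everything it prints on stdout to
// |out_p|. Returns true only when the output was read completely and
// pclose() succeeded.
//
// The stream is always handed to pclose(), including when reading failed, so
// that the child process is reaped and the FILE is released on every path.
//
// NOTE(review): popen() passes |cmd| to the shell, so |cmd| must be a fixed
// command line and never be assembled from untrusted data.
bool ReadPipe(const string& cmd, string* out_p) {
  FILE* fp = popen(cmd.c_str(), "r");
  if (!fp)
    return false;
  const bool success = Read(fp, -1, out_p);
  const bool closed = pclose(fp) >= 0;
  return success && closed;
}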
383 
// Appends the whole content of the file at |path| to the blob |out_p|.
// Returns false when the file cannot be opened or read.
bool ReadFile(const string& path, brillo::Blob* out_p) {
  const off_t from_start = 0;
  const off_t until_eof = -1;
  return ReadFileChunkAndAppend(path, from_start, until_eof, out_p);
}
387 
// Appends the whole content of the file at |path| to the string |out_p|.
// Returns false when the file cannot be opened or read.
bool ReadFile(const string& path, string* out_p) {
  const off_t from_start = 0;
  const off_t until_eof = -1;
  return ReadFileChunkAndAppend(path, from_start, until_eof, out_p);
}
391 
// Appends up to |size| bytes of the file at |path|, starting at |offset|, to
// the blob |out_p|; |size| == -1 reads to the end of the file. Thin public
// wrapper around ReadFileChunkAndAppend().
bool ReadFileChunk(const string& path,
                   off_t offset,
                   off_t size,
                   brillo::Blob* out_p) {
  const bool ok = ReadFileChunkAndAppend(path, offset, size, out_p);
  return ok;
}
398 
// Returns the size in bytes of the block device open on |fd|, as reported by
// the BLKGETSIZE64 ioctl. On failure the error is logged and -1 is returned.
// The 64-bit unsigned value from the kernel is converted to off_t on return.
off_t BlockDevSize(int fd) {
  uint64_t dev_size;
  const bool ioctl_failed = (ioctl(fd, BLKGETSIZE64, &dev_size) == -1);
  if (ioctl_failed) {
    PLOG(ERROR) << "Error running ioctl(BLKGETSIZE64) on " << fd;
    dev_size = -1;
  }
  return dev_size;
}
408 
// Returns the size in bytes of whatever is open on |fd|: st_size for a regular
// file, BlockDevSize() for a block device. Any other file type is logged and
// yields -1.
//
// NOTE(review): CHECK_EQ(rc, 0) aborts the process when fstat() fails, so the
// "rc < 0" branch right after it looks unreachable. Confirm whether aborting
// or returning the error is the intended behaviour.
off_t FileSize(int fd) {
  struct stat stbuf;
  const int rc = fstat(fd, &stbuf);
  CHECK_EQ(rc, 0);
  if (rc < 0) {
    PLOG(ERROR) << "Error stat-ing " << fd;
    return rc;
  }
  switch (stbuf.st_mode & S_IFMT) {
    case S_IFREG:
      return stbuf.st_size;
    case S_IFBLK:
      return BlockDevSize(fd);
    default:
      break;
  }
  LOG(ERROR) << "Couldn't determine the type of " << fd;
  return -1;
}
424 
// Returns the size in bytes of the file or block device at |path|, or -1 when
// it cannot be opened or its size cannot be determined. The path is opened
// read-only with O_CLOEXEC and closed again before returning.
off_t FileSize(const string& path) {
  const int fd = open(path.c_str(), O_RDONLY | O_CLOEXEC);
  if (fd == -1) {
    PLOG(ERROR) << "Error opening " << path;
    return fd;
  }
  const off_t size = FileSize(fd);
  const bool size_unknown = (size == -1);
  if (size_unknown)
    PLOG(ERROR) << "Error getting file size of " << path;
  close(fd);
  return size;
}
437 
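// Logs the |length| bytes at |arr| at INFO level as a hex dump, 16 bytes per
// line, each line prefixed with the offset of its first byte.
//
// Offsets are tracked as size_t and advanced by the number of bytes actually
// printed. A 32-bit counter compared against a size_t |length| would wrap for
// buffers of 4 GiB or more and never terminate. For offsets below 2^32 the
// output is unchanged ("0x%08x : " and "0x%08zx : " print the same text).
//
// NOTE(review): the bytes end up verbatim in the log, so this should not be
// pointed at buffers holding keys or other secrets.
void HexDumpArray(const uint8_t* const arr, const size_t length) {
  LOG(INFO) << "Logging array of length: " << length;
  const size_t bytes_per_line = 16;
  size_t offset = 0;
  while (offset < length) {
    const size_t bytes_per_this_line =
        std::min(bytes_per_line, length - offset);
    char header[100];
    int r = snprintf(header, sizeof(header), "0x%08zx : ", offset);
    // "0x" + at least 8 hex digits + " : " is 13 characters or more.
    TEST_AND_RETURN(r >= 13 && r < static_cast<int>(sizeof(header)));
    string line = header;
    for (size_t j = 0; j < bytes_per_this_line; j++) {
      char buf[20];
      const uint8_t c = arr[offset + j];
      r = snprintf(buf, sizeof(buf), "%02x ", static_cast<unsigned int>(c));
      TEST_AND_RETURN(r == 3);
      line += buf;
    }
    LOG(INFO) << line;
    offset += bytes_per_this_line;
  }
}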
459 
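// Splits a partition device name such as "/dev/sda3", "/dev/mmcblk0p2" or
// "/dev/ubiblock2_0" into the disk name and the partition number.
//
// |partition_name| must start with "/dev/" and end in a decimal number (for
// NAND names, a decimal number followed by "_<digits>", which is discarded).
// |out_disk_name| and |out_partition_num| are optional; pass nullptr for a
// part that is not needed. Returns false, after logging, when the name does
// not have that shape or the partition number does not fit in an int. Nothing
// is written to the outputs on failure.
//
// The number is parsed with base::StringToInt() instead of atoi() so that an
// overlong digit run is rejected rather than left to atoi()'s undefined
// overflow behaviour, and isdigit() receives an unsigned char value so that
// bytes above 0x7f in the name are handled correctly.
bool SplitPartitionName(const string& partition_name,
                        string* out_disk_name,
                        int* out_partition_num) {
  if (!base::StartsWith(
          partition_name, "/dev/", base::CompareCase::SENSITIVE)) {
    LOG(ERROR) << "Invalid partition device name: " << partition_name;
    return false;
  }

  size_t last_nondigit_pos = partition_name.find_last_not_of("0123456789");
  if (last_nondigit_pos == string::npos ||
      (last_nondigit_pos + 1) == partition_name.size()) {
    LOG(ERROR) << "Unable to parse partition device name: " << partition_name;
    return false;
  }

  // Number of digits making up the partition number; npos means "everything
  // up to the end of the name".
  size_t partition_num_len = string::npos;
  if (partition_name[last_nondigit_pos] == '_') {
    // NAND block devices have weird naming which could be something
    // like "/dev/ubiblock2_0". We discard "_0" in such a case.
    size_t prev_nondigit_pos =
        partition_name.find_last_not_of("0123456789", last_nondigit_pos - 1);
    if (prev_nondigit_pos == string::npos ||
        (prev_nondigit_pos + 1) == last_nondigit_pos) {
      LOG(ERROR) << "Unable to parse partition device name: " << partition_name;
      return false;
    }

    // Only the digits strictly between the two non-digit positions count; the
    // '_' itself is not part of the number.
    partition_num_len = last_nondigit_pos - prev_nondigit_pos - 1;
    last_nondigit_pos = prev_nondigit_pos;
  }

  // Parse the number before touching any output so that a failure leaves the
  // caller's variables untouched.
  int partition_num = 0;
  if (out_partition_num) {
    const string partition_str =
        partition_name.substr(last_nondigit_pos + 1, partition_num_len);
    if (!base::StringToInt(partition_str, &partition_num)) {
      LOG(ERROR) << "Unable to parse partition device name: " << partition_name;
      return false;
    }
  }

  if (out_disk_name) {
    // Special case for MMC devices which have the following naming scheme:
    // mmcblk0p2
    size_t disk_name_len = last_nondigit_pos;
    if (partition_name[last_nondigit_pos] != 'p' || last_nondigit_pos == 0 ||
        !isdigit(static_cast<unsigned char>(
            partition_name[last_nondigit_pos - 1]))) {
      disk_name_len++;
    }
    *out_disk_name = partition_name.substr(0, disk_name_len);
  }

  if (out_partition_num) {
    *out_partition_num = partition_num;
  }
  return true;
}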
510 
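// Builds the device name of partition |partition_num| on the disk
// |disk_name|. |partition_num| must be at least 1 and |disk_name| must start
// with "/dev/"; otherwise an error is logged and an empty string is returned.
// MTD/UBI disks are delegated to MakeNandPartitionName(). For all other disks
// the number is appended to the disk name, separated by 'p' when the disk
// name itself ends in a digit.
//
// isdigit() is given an unsigned char value: passing a plain char with a value
// above 0x7f is undefined behaviour where char is signed.
string MakePartitionName(const string& disk_name, int partition_num) {
  if (partition_num < 1) {
    LOG(ERROR) << "Invalid partition number: " << partition_num;
    return string();
  }

  if (!base::StartsWith(disk_name, "/dev/", base::CompareCase::SENSITIVE)) {
    LOG(ERROR) << "Invalid disk name: " << disk_name;
    return string();
  }

  if (IsMtdDeviceName(disk_name)) {
    // Special case for UBI block devices.
    //   1. ubiblock is not writable, we need to use plain "ubi".
    //   2. There is a "_0" suffix.
    return MakeNandPartitionName(partition_num);
  }

  string partition_name = disk_name;
  // |disk_name| starts with "/dev/", so back() is always valid here.
  if (isdigit(static_cast<unsigned char>(partition_name.back()))) {
    // Special case for devices with names ending with a digit.
    // Add "p" to separate the disk name from partition number,
    // e.g. "/dev/loop0p2"
    partition_name += 'p';
  }

  partition_name += std::to_string(partition_num);

  return partition_name;
}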
541 
// Returns the device name to use when mounting the partition |part_name|.
// Names that are not MTD/UBI devices are returned unchanged. MTD/UBI names
// are split to recover the partition number and rebuilt with
// MakeNandPartitionNameForMount(); an empty string is returned when the name
// cannot be split.
string MakePartitionNameForMount(const string& part_name) {
  if (!IsMtdDeviceName(part_name))
    return part_name;

  int partition_num;
  const bool split_ok = SplitPartitionName(part_name, nullptr, &partition_num);
  if (!split_ok)
    return "";
  return MakeNandPartitionNameForMount(partition_num);
}
552 
// Returns the text describing the errno value |err|. Relies on the strerror_r()
// variant that returns a char*, which may point either into the local scratch
// buffer or at a static message.
string ErrnoNumberAsString(int err) {
  char scratch[100];
  scratch[0] = '\0';
  const char* const message = strerror_r(err, scratch, sizeof(scratch));
  return message;
}
558 
// Returns true when lstat() succeeds on |path|. Because lstat() does not
// follow symlinks, a dangling symlink counts as existing.
bool FileExists(const char* path) {
  struct stat ignored;
  const int rc = lstat(path, &ignored);
  return rc == 0;
}
563 
// Returns true when |path| itself is a symbolic link. Returns false when it is
// anything else or when lstat() fails.
bool IsSymlink(const char* path) {
  struct stat st;
  if (lstat(path, &st) != 0)
    return false;
  return S_ISLNK(st.st_mode) != 0;
}
568 
// Makes sure the UBI volume node "/dev/ubi<volume_num>_0" exists. If it is
// already there, returns true immediately. Otherwise runs
// "ubiattach -m <n> -d <n>" followed by "ubiblock --create <node>" and then
// polls once per second, for at most |timeout| seconds, for the node to
// appear. Returns false when either command cannot be run or exits non-zero,
// or when the node is still missing after the wait.
//
// NOTE(review): both tools are named without a directory, so which binary runs
// presumably depends on how Subprocess resolves executables. Confirm the
// search path is not writable by less privileged users.
bool TryAttachingUbiVolume(int volume_num, int timeout) {
  const string volume_path = base::StringPrintf("/dev/ubi%d_0", volume_num);
  if (FileExists(volume_path.c_str())) {
    return true;
  }

  const string volume_arg = base::StringPrintf("%d", volume_num);
  int exit_code;
  vector<string> cmd = {"ubiattach", "-m", volume_arg, "-d", volume_arg};
  TEST_AND_RETURN_FALSE(Subprocess::SynchronousExec(cmd, &exit_code, nullptr));
  TEST_AND_RETURN_FALSE(exit_code == 0);

  cmd = {"ubiblock", "--create", volume_path};
  TEST_AND_RETURN_FALSE(Subprocess::SynchronousExec(cmd, &exit_code, nullptr));
  TEST_AND_RETURN_FALSE(exit_code == 0);

  // Give the kernel up to |timeout| seconds to publish the device node.
  for (; timeout > 0 && !FileExists(volume_path.c_str()); --timeout) {
    sleep(1);
  }

  return FileExists(volume_path.c_str());
}
595 
// Creates a unique temporary file from |base_filename_template| using
// mkstemp(), which requires the template to end in "XXXXXX". The template is
// first resolved by GetTempName(). On success the final path is stored in
// |filename| (if non-null) and the open descriptor in |fd| (if non-null); when
// |fd| is null the descriptor is closed before returning. At least one of the
// two outputs is expected (DCHECK).
//
// mkstemp() creates the file exclusively and with mode 0600, so the name is
// not guessable in advance and the content is private to the owner.
bool MakeTempFile(const string& base_filename_template,
                  string* filename,
                  int* fd) {
  base::FilePath filename_template;
  TEST_AND_RETURN_FALSE(
      GetTempName(base_filename_template, &filename_template));
  DCHECK(filename || fd);

  // mkstemp() rewrites its argument in place, so it needs a private, mutable,
  // NUL-terminated copy of the template.
  const string& tmpl = filename_template.value();
  vector<char> buf(tmpl.begin(), tmpl.end());
  buf.push_back('\0');

  int mkstemp_fd = mkstemp(buf.data());
  TEST_AND_RETURN_FALSE_ERRNO(mkstemp_fd >= 0);

  if (filename)
    *filename = buf.data();

  if (fd == nullptr) {
    // Nobody wants the descriptor; do not leak it.
    close(mkstemp_fd);
  } else {
    *fd = mkstemp_fd;
  }
  return true;
}
621 
// Sets or clears the kernel's read-only flag of the block device |device|
// according to |read_only|. The current flag is queried first (BLKROGET) and
// nothing is changed when it already has the requested value. When the query
// fails, the flag is set anyway (BLKROSET). Returns false, after logging, when
// the device cannot be opened or the flag cannot be set.
bool SetBlockDeviceReadOnly(const string& device, bool read_only) {
  int fd = HANDLE_EINTR(open(device.c_str(), O_RDONLY | O_CLOEXEC));
  if (fd < 0) {
    PLOG(ERROR) << "Opening block device " << device;
    return false;
  }
  ScopedFdCloser fd_closer(&fd);

  int expected_flag = read_only ? 1 : 0;
  int read_only_flag;
  // Skip the write when the device is already in the requested state. A
  // failed query falls through to the write below.
  const bool already_as_requested =
      ioctl(fd, BLKROGET, &read_only_flag) == 0 &&
      read_only_flag == expected_flag;
  if (already_as_requested)
    return true;

  if (ioctl(fd, BLKROSET, &expected_flag) == 0)
    return true;

  PLOG(ERROR) << "Marking block device " << device
              << " as read_only=" << expected_flag;
  return false;
}
645 
// Mounts |device| on |mountpoint| with the given |mountflags| and
// |fs_mount_options|. When |type| is empty, ext2, ext3, ext4 and squashfs are
// tried in that order; otherwise only |type| is tried. Each failed attempt is
// logged as a warning. Returns true on the first successful mount and false
// when every attempt failed.
//
// NOTE(review): the final error ("with any supported type") is only logged
// when |type| is NOT empty, which looks inverted relative to its wording.
// Confirm the intended condition.
// NOTE(review): with an empty |type| the kernel is asked to interpret the
// device content with several filesystem drivers in turn. Callers mounting
// media that is not yet verified may prefer to pass the expected |type| and
// restrictive |mountflags|.
bool MountFilesystem(const string& device,
                     const string& mountpoint,
                     unsigned long mountflags,  // NOLINT(runtime/int)
                     const string& type,
                     const string& fs_mount_options) {
  const vector<const char*> fstypes =
      type.empty() ? vector<const char*>{"ext2", "ext3", "ext4", "squashfs"}
                   : vector<const char*>{type.c_str()};

  for (const char* fstype : fstypes) {
    const int rc = mount(device.c_str(),
                         mountpoint.c_str(),
                         fstype,
                         mountflags,
                         fs_mount_options.c_str());
    if (rc == 0)
      return true;

    PLOG(WARNING) << "Unable to mount destination device " << device << " on "
                  << mountpoint << " as " << fstype;
  }

  const bool explicit_type = !type.empty();
  if (explicit_type) {
    LOG(ERROR) << "Unable to mount " << device << " with any supported type";
  }
  return false;
}
674 
// Unmounts |mountpoint|. While umount() fails with EBUSY it is retried, up to
// kUnmountMaxNumOfRetries attempts in total, sleeping
// kUnmountRetryIntervalInMicroseconds between attempts. If the last error is
// EINVAL the path is reported as not being a mountpoint and false is returned.
// For any other remaining failure a lazy unmount (MNT_DETACH) is attempted and
// its outcome is returned.
bool UnmountFilesystem(const string& mountpoint) {
  int num_retries = 1;
  while (true) {
    if (umount(mountpoint.c_str()) == 0)
      return true;
    const bool busy = (errno == EBUSY);
    if (!busy || num_retries >= kUnmountMaxNumOfRetries)
      break;
    usleep(kUnmountRetryIntervalInMicroseconds);
    ++num_retries;
  }

  // errno still holds the result of the last umount() call here.
  if (errno == EINVAL) {
    LOG(INFO) << "Not a mountpoint: " << mountpoint;
    return false;
  }
  PLOG(WARNING) << "Error unmounting " << mountpoint << " after " << num_retries
                << " attempts. Lazy unmounting instead, error was";
  const bool detached = (umount2(mountpoint.c_str(), MNT_DETACH) == 0);
  if (!detached) {
    PLOG(ERROR) << "Lazy unmount failed";
    return false;
  }
  return true;
}
696 
// Heuristically decides whether |mountpoint| is a mounted directory.
//
// The path must be a directory (lstat(), so a symlink to a directory does not
// qualify). It is then compared with "<mountpoint>/..": a different device
// number means a filesystem is mounted there, and an identical inode is the
// special case of "/.." pointing at "/". Bind mounts are not detected by this
// test, which is outside of what it is meant to cover. Returns false, after
// logging, when either lstat() fails.
bool IsMountpoint(const std::string& mountpoint) {
  struct stat stdir;
  if (lstat(mountpoint.c_str(), &stdir) != 0) {
    PLOG(ERROR) << "Error stat'ing " << mountpoint;
    return false;
  }
  if (!S_ISDIR(stdir.st_mode))
    return false;

  const base::FilePath parent = base::FilePath(mountpoint).Append("..");
  struct stat stparent;
  if (lstat(parent.value().c_str(), &stparent) != 0) {
    PLOG(ERROR) << "Error stat'ing " << parent.value();
    return false;
  }
  if (!S_ISDIR(stparent.st_mode))
    return false;

  const bool crosses_device = stparent.st_dev != stdir.st_dev;
  const bool is_filesystem_root = stparent.st_ino == stdir.st_ino;
  return crosses_device || is_filesystem_root;
}
722 
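// Tries to parse the first |size| bytes of a file, given in |buffer|, as an
// ELF header and writes a human-readable description to |output|.
//
// Returns false, leaving |output| untouched, when the buffer does not start
// with the ELF magic. Otherwise returns true and describes as many fields as
// the buffer covers: word size (EI_CLASS), byte order (EI_DATA) and machine
// (e_machine). Every field is bounds-checked against |size| before it is
// read, since the bytes come straight from a file.
//
// e_machine is copied out with memcpy() rather than read through a
// reinterpret_cast<const Elf32_Ehdr*>: |buffer| is a plain byte array with no
// alignment guarantee and is not an Elf32_Ehdr object, so dereferencing the
// cast pointer would be undefined behaviour.
static bool GetFileFormatELF(const uint8_t* buffer,
                             size_t size,
                             string* output) {
  // 0x00: EI_MAG - ELF magic header, 4 bytes.
  if (size < SELFMAG || memcmp(buffer, ELFMAG, SELFMAG) != 0)
    return false;
  *output = "ELF";

  // 0x04: EI_CLASS, 1 byte.
  if (size < EI_CLASS + 1)
    return true;
  switch (buffer[EI_CLASS]) {
    case ELFCLASS32:
      *output += " 32-bit";
      break;
    case ELFCLASS64:
      *output += " 64-bit";
      break;
    default:
      *output += " ?-bit";
  }

  // 0x05: EI_DATA, endianness, 1 byte.
  if (size < EI_DATA + 1)
    return true;
  uint8_t ei_data = buffer[EI_DATA];
  switch (ei_data) {
    case ELFDATA2LSB:
      *output += " little-endian";
      break;
    case ELFDATA2MSB:
      *output += " big-endian";
      break;
    default:
      *output += " ?-endian";
      // Don't parse anything after the 0x10 offset if endianness is unknown.
      return true;
  }

  // 0x12: e_machine, 2 byte endianness based on ei_data. The position (0x12)
  // and size is the same for both 32 and 64 bits.
  Elf32_Half raw_machine;
  const size_t machine_offset = offsetof(Elf32_Ehdr, e_machine);
  if (size < machine_offset + sizeof(raw_machine))
    return true;
  memcpy(&raw_machine, buffer + machine_offset, sizeof(raw_machine));

  // Fix endianness regardless of the host endianness.
  uint16_t e_machine;
  if (ei_data == ELFDATA2LSB)
    e_machine = le16toh(raw_machine);
  else
    e_machine = be16toh(raw_machine);

  switch (e_machine) {
    case EM_386:
      *output += " x86";
      break;
    case EM_MIPS:
      *output += " mips";
      break;
    case EM_ARM:
      *output += " arm";
      break;
    case EM_X86_64:
      *output += " x86-64";
      break;
    default:
      *output += " unknown-arch";
  }
  return true;
}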
794 
// Returns a short human-readable description of the file at |path|, based on
// its first kGetFileFormatMaxHeaderSize bytes: the ELF description when the
// header parses as ELF, "data" otherwise. Any failure to read the header is
// reported as "File not found.", whatever the underlying cause.
string GetFileFormat(const string& path) {
  brillo::Blob header;
  const bool read_ok =
      ReadFileChunkAndAppend(path, 0, kGetFileFormatMaxHeaderSize, &header);
  if (!read_ok)
    return "File not found.";

  string description;
  const bool is_elf =
      GetFileFormatELF(header.data(), header.size(), &description);
  return is_elf ? description : "data";
}
806 
// Returns a random integer from an interval of width |range| placed around
// |value|: from |value| - range/2 to |value| + range - range/2, both passed to
// base::RandInt() as its bounds.
int FuzzInt(int value, unsigned int range) {
  const unsigned int half_range = range / 2;
  const int lower = value - half_range;
  const int upper = value + range - half_range;
  return base::RandInt(lower, upper);
}
812 
// Formats a duration of |secs| seconds with FormatTimeDelta().
string FormatSecs(unsigned secs) {
  const TimeDelta duration = TimeDelta::FromSeconds(secs);
  return FormatTimeDelta(duration);
}
816 
// Formats |delta| as "[-][<d>d][<h>h][<m>m]<s>[.<fraction>]s". Larger units
// are only printed once a non-zero larger-or-equal unit exists (days imply
// hours and minutes, hours imply minutes). The fractional part is the
// microsecond remainder with trailing zeros removed and is omitted when zero.
// Negative durations are printed as the positive duration with a leading '-'.
string FormatTimeDelta(TimeDelta delta) {
  const bool negative = delta.ToInternalValue() < 0;
  if (negative)
    delta *= -1;
  string str = negative ? "-" : "";

  // Peel off days, hours, minutes and seconds; what is left is microseconds.
  const unsigned days = delta.InDays();
  delta -= TimeDelta::FromDays(days);
  const unsigned hours = delta.InHours();
  delta -= TimeDelta::FromHours(hours);
  const unsigned mins = delta.InMinutes();
  delta -= TimeDelta::FromMinutes(mins);
  const unsigned secs = delta.InSeconds();
  delta -= TimeDelta::FromSeconds(secs);
  unsigned usecs = delta.InMicroseconds();

  const bool show_days = days != 0;
  const bool show_hours = show_days || hours != 0;
  const bool show_mins = show_hours || mins != 0;

  if (show_days)
    base::StringAppendF(&str, "%ud", days);
  if (show_hours)
    base::StringAppendF(&str, "%uh", hours);
  if (show_mins)
    base::StringAppendF(&str, "%um", mins);
  base::StringAppendF(&str, "%u", secs);

  if (usecs != 0) {
    // Drop trailing zeros, shrinking the zero-padded field width to match.
    int width = 6;
    for (; usecs % 10 == 0; usecs /= 10)
      --width;
    base::StringAppendF(&str, ".%0*u", width, usecs);
  }
  str += "s";
  return str;
}
855 
// Formats |utc_time| as "<month>/<day>/<year> <hour>:<mm>:<ss> GMT" using the
// UTC breakdown of the timestamp.
string ToString(const Time utc_time) {
  Time::Exploded parts;
  utc_time.UTCExplode(&parts);
  return base::StringPrintf("%d/%d/%d %d:%02d:%02d GMT",
                            parts.month,
                            parts.day_of_month,
                            parts.year,
                            parts.hour,
                            parts.minute,
                            parts.second);
}
867 
// Returns the literal text "true" or "false" for |b|.
string ToString(bool b) {
  if (b)
    return "true";
  return "false";
}
871 
// Returns a human-readable name for |source|. kNumDownloadSources and any
// value not matched by a case are reported as "Unknown".
string ToString(DownloadSource source) {
  const char* label = "Unknown";
  // There is deliberately no default case: the compiler can then warn when a
  // newly added download source has not been given a name here.
  switch (source) {
    case kDownloadSourceHttpsServer:
      label = "HttpsServer";
      break;
    case kDownloadSourceHttpServer:
      label = "HttpServer";
      break;
    case kDownloadSourceHttpPeer:
      label = "HttpPeer";
      break;
    case kNumDownloadSources:
      break;
  }
  return label;
}
888 
// Returns a human-readable name for |payload_type|. kNumPayloadTypes and any
// value not matched by a case are reported as "Unknown".
string ToString(PayloadType payload_type) {
  const char* label = "Unknown";
  // There is deliberately no default case: the compiler can then warn when a
  // newly added payload type has not been given a name here.
  switch (payload_type) {
    case kPayloadTypeDelta:
      label = "Delta";
      break;
    case kPayloadTypeFull:
      label = "Full";
      break;
    case kPayloadTypeForcedFull:
      label = "ForcedFull";
      break;
    case kNumPayloadTypes:
      break;
  }
  return label;
}
905 
// Strips the ErrorCode::kSpecialFlags bits from |code| and returns the
// remaining base code. Every base code at or above
// ErrorCode::kOmahaRequestHTTPResponseBase is folded into
// ErrorCode::kOmahaErrorInHTTPResponse.
ErrorCode GetBaseErrorCode(ErrorCode code) {
  // Mask off the higher order flag bits: the enumerations should stay in the
  // small contiguous range below ErrorCode::kUmaReportedMax.
  const int special_flags = static_cast<int>(ErrorCode::kSpecialFlags);
  const int stripped = static_cast<int>(code) & ~special_flags;
  const ErrorCode base_code = static_cast<ErrorCode>(stripped);

  // Additional adjustment required for UMA and error classification.
  // TODO(jaysri): Move this logic to UeErrorCode.cc when we fix
  // chromium-os:34369.
  if (base_code < ErrorCode::kOmahaRequestHTTPResponseBase)
    return base_code;

  // To keep the enums small, all HTTP errors are aggregated into one bucket
  // for UMA and error classification purposes.
  LOG(INFO) << "Converting error code " << base_code
            << " to ErrorCode::kOmahaErrorInHTTPResponse";
  return ErrorCode::kOmahaErrorInHTTPResponse;
}
926 
// Joins |vec_str| into a bracketed list with every element wrapped in double
// quotes and elements separated by ", ". An empty vector yields "[]".
//
// Elements are copied verbatim: a double quote or other special character
// inside an element is not escaped, so the result is not safe to parse back.
string StringVectorToString(const vector<string> &vec_str) {
  string joined = "[";
  bool is_first = true;
  for (const string& item : vec_str) {
    if (!is_first)
      joined += ", ";
    is_first = false;
    joined += '"';
    joined += item;
    joined += '"';
  }
  joined += "]";
  return joined;
}
940 
// Builds the P2P file id for a payload from its hash and size.
//
// The id must be identical on devices running the new and the old version so
// that they can share the file with each other. The hash in the response used
// to be base64 encoded; the "hash_sha256" field used now is hex encoded, so
// the hash has to be converted back to base64 for P2P. Historically the base64
// encoded hash was base64 encoded a second time here for some reason, and that
// behavior is kept: |payload_hash| is base64 encoded twice.
string CalculateP2PFileId(const brillo::Blob& payload_hash,
                          size_t payload_size) {
  const string once_encoded = brillo::data_encoding::Base64Encode(payload_hash);
  // The second pass is intentional; see the comment above.
  const string twice_encoded =
      brillo::data_encoding::Base64Encode(once_encoded);
  return base::StringPrintf("cros_update_size_%" PRIuS "_hash_%s",
                            payload_size,
                            twice_encoded.c_str());
}
955 
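// Converts |time| into a number of days since the Omaha epoch
// (Jan 1, 2007 0:00 PST), rounded down to a whole number of weeks, and stores
// it in |out_num_days|.
//
// Returns false, leaving |out_num_days| untouched, when |time| lies before the
// Omaha epoch or when the day count does not fit in an int. Returns true
// otherwise.
bool ConvertToOmahaInstallDate(Time time, int *out_num_days) {
  // Output of: date +"%s" --date="Jan 1, 2007 0:00 PST".
  const time_t kOmahaEpoch = 1167638400;
  const int64_t kNumSecondsPerWeek = 7 * 24 * 3600;
  const int64_t kNumDaysPerWeek = 7;

  const time_t unix_time = time.ToTimeT();

  // Compare before subtracting: the subtraction is then never evaluated for a
  // value below the epoch, so it cannot overflow for a very early |time|.
  if (unix_time < kOmahaEpoch)
    return false;
  const int64_t omaha_time = static_cast<int64_t>(unix_time) - kOmahaEpoch;

  // Note, as per the comment in utils.h we are deliberately not
  // handling DST correctly.

  const int64_t num_weeks_since_omaha_epoch = omaha_time / kNumSecondsPerWeek;
  const int64_t num_days = num_weeks_since_omaha_epoch * kNumDaysPerWeek;

  // With a 64-bit time_t the day count can exceed what an int holds; refuse
  // rather than store a silently truncated value.
  if (num_days > numeric_limits<int>::max())
    return false;

  *out_num_days = static_cast<int>(num_days);
  return true;
}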
976 
// Reads the "PAYLOAD_MINOR_VERSION" key from |store| and parses it as an
// unsigned integer into |minor_version|.
//
// Returns true only when the key is present and parses successfully. A parse
// failure is logged as an error. Callers should not use |*minor_version| when
// false is returned.
bool GetMinorVersion(const brillo::KeyValueStore& store,
                     uint32_t* minor_version) {
  string raw_value;
  if (!store.GetString("PAYLOAD_MINOR_VERSION", &raw_value))
    return false;

  if (base::StringToUint(raw_value, minor_version))
    return true;

  LOG(ERROR) << "StringToUint failed when parsing delta minor version.";
  return false;
}
989 
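// Reads the blocks described by |extents| from the file at |path|, in order,
// into one contiguous buffer and stores it in |out_data|.
//
// |out_data_size| is the exact number of bytes the extents must add up to and
// |block_size| is the size in bytes of one block. Returns false, leaving
// |out_data| untouched, when:
//   - |out_data_size| is negative or |block_size| is zero,
//   - the file cannot be opened,
//   - an extent would run past |out_data_size|, or its byte length or file
//     offset would overflow,
//   - a read fails or comes back short,
//   - the extents do not add up to exactly |out_data_size| bytes.
//
// NOTE(review): extents presumably originate from an update payload, so their
// block counts and offsets are treated as untrusted here; confirm at the
// callers. The buffer is allocated up front from |out_data_size|, so callers
// should bound that value themselves.
bool ReadExtents(const string& path,
                 const vector<Extent>& extents,
                 brillo::Blob* out_data,
                 ssize_t out_data_size,
                 size_t block_size) {
  // A negative size would turn into an enormous allocation once converted to
  // an unsigned type, and a zero block size makes the bound checks below
  // meaningless.
  TEST_AND_RETURN_FALSE(out_data_size >= 0);
  TEST_AND_RETURN_FALSE(block_size > 0);
  const uint64_t total_size = static_cast<uint64_t>(out_data_size);

  brillo::Blob data(static_cast<size_t>(total_size));
  uint64_t bytes_read = 0;
  int fd = open(path.c_str(), O_RDONLY);
  TEST_AND_RETURN_FALSE_ERRNO(fd >= 0);
  ScopedFdCloser fd_closer(&fd);

  const uint64_t max_offset =
      static_cast<uint64_t>(numeric_limits<off_t>::max());

  for (const Extent& extent : extents) {
    const uint64_t num_blocks = extent.num_blocks();
    const uint64_t start_block = extent.start_block();

    // Bound the block count by division so that the multiplication below
    // cannot wrap around and slip past the remaining-space check.
    TEST_AND_RETURN_FALSE(num_blocks <= (total_size - bytes_read) / block_size);
    // Same for the file offset handed to the positional read.
    TEST_AND_RETURN_FALSE(start_block <= max_offset / block_size);

    const uint64_t bytes = num_blocks * block_size;
    ssize_t bytes_read_this_iteration = 0;
    // data.data() + offset stays valid even when the buffer is empty, unlike
    // indexing into an empty vector.
    TEST_AND_RETURN_FALSE(utils::PReadAll(fd,
                                          data.data() + bytes_read,
                                          bytes,
                                          start_block * block_size,
                                          &bytes_read_this_iteration));
    TEST_AND_RETURN_FALSE(
        bytes_read_this_iteration >= 0 &&
        static_cast<uint64_t>(bytes_read_this_iteration) == bytes);
    bytes_read += bytes;
  }
  TEST_AND_RETURN_FALSE(bytes_read == total_size);
  // Hand the buffer over without copying it.
  *out_data = std::move(data);
  return true;
}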
1017 
// Reads the file at kBootIdPath into |boot_id| and strips trailing ASCII
// whitespace from it. Returns false when the file cannot be read; in that
// case the trimming step is skipped.
bool GetBootId(string* boot_id) {
  TEST_AND_RETURN_FALSE(
      base::ReadFileToString(base::FilePath(kBootIdPath), boot_id));
  // Only trailing whitespace is removed.
  base::TrimWhitespaceASCII(*boot_id, base::TRIM_TRAILING, boot_id);
  return true;
}
1024 
// Returns the integer value of the first dot-separated component of
// |version|. An empty |version| yields 0. A first component that cannot be
// parsed as an int yields -1.
//
// Whitespace is kept when splitting, so it is passed to the integer parser
// unchanged.
int VersionPrefix(const std::string& version) {
  if (version.empty())
    return 0;

  const vector<string> pieces = base::SplitString(
      version, ".", base::KEEP_WHITESPACE, base::SPLIT_WANT_ALL);
  if (pieces.empty())
    return -1;  // Target version is invalid.

  int prefix;
  if (!base::StringToInt(pieces[0], &prefix))
    return -1;  // Target version is invalid.
  return prefix;
}
1036 
// Parses |raw_version|, expected in the form "<high>.<low>", into
// |high_version| and |low_version|.
//
// Both outputs are first set to the maximum uint16_t value and are overwritten
// only when the string has exactly two period-separated parts, both parts
// parse as integers, and both lie in [0, max uint16_t). The maximum value
// itself is rejected, so it never comes from a successfully parsed version.
// NOTE(review): callers presumably treat the maximum value as "invalid";
// confirm at the call sites.
void ParseRollbackKeyVersion(const string& raw_version,
                             uint16_t* high_version,
                             uint16_t* low_version) {
  DCHECK(high_version);
  DCHECK(low_version);
  const uint16_t kUnparsed = numeric_limits<uint16_t>::max();
  *high_version = kUnparsed;
  *low_version = kUnparsed;

  const vector<string> fields = base::SplitString(
      raw_version, ".", base::TRIM_WHITESPACE, base::SPLIT_WANT_ALL);
  // The version string must have exactly one period.
  if (fields.size() != 2)
    return;

  int high;
  int low;
  // Give up unless both parts parse correctly.
  if (!base::StringToInt(fields[0], &high) ||
      !base::StringToInt(fields[1], &low)) {
    return;
  }

  const bool high_in_range = high >= 0 && high < kUnparsed;
  const bool low_in_range = low >= 0 && low < kUnparsed;
  if (!high_in_range || !low_in_range)
    return;

  *high_version = static_cast<uint16_t>(high);
  *low_version = static_cast<uint16_t>(low);
}
1066 
1067 }  // namespace utils
1068 
1069 }  // namespace chromeos_update_engine
1070