1 /*
2 * Copyright (C) 2019 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "partition_installer.h"
18
19 #include <sys/statvfs.h>
20
21 #include <android-base/file.h>
22 #include <android-base/logging.h>
23 #include <android-base/unique_fd.h>
24 #include <ext4_utils/ext4_utils.h>
25 #include <fs_mgr.h>
26 #include <fs_mgr_dm_linear.h>
27 #include <libdm/dm.h>
28 #include <libgsi/libgsi.h>
29 #include <liblp/partition_opener.h>
30
31 #include "file_paths.h"
32 #include "gsi_service.h"
33 #include "libgsi_private.h"
34
35 namespace android {
36 namespace gsi {
37
38 using namespace std::literals;
39 using namespace android::dm;
40 using namespace android::fiemap;
41 using namespace android::fs_mgr;
42 using android::base::unique_fd;
43
PartitionInstaller(GsiService * service,const std::string & install_dir,const std::string & name,const std::string & active_dsu,int64_t size,bool read_only)44 PartitionInstaller::PartitionInstaller(GsiService* service, const std::string& install_dir,
45 const std::string& name, const std::string& active_dsu,
46 int64_t size, bool read_only)
47 : service_(service),
48 install_dir_(install_dir),
49 name_(name),
50 active_dsu_(active_dsu),
51 size_(size),
52 readOnly_(read_only) {
53 images_ = ImageManager::Open(MetadataDir(active_dsu), install_dir_);
54 }
55
~PartitionInstaller()56 PartitionInstaller::~PartitionInstaller() {
57 if (FinishInstall() != IGsiService::INSTALL_OK) {
58 LOG(ERROR) << "Installation failed: install_dir=" << install_dir_
59 << ", dsu_slot=" << active_dsu_ << ", partition_name=" << name_;
60 }
61 if (IsAshmemMapped()) {
62 UnmapAshmem();
63 }
64 }
65
FinishInstall()66 int PartitionInstaller::FinishInstall() {
67 if (finished_) {
68 return finished_status_;
69 }
70 finished_ = true;
71 finished_status_ = CheckInstallState();
72 system_device_ = nullptr;
73 if (finished_status_ != IGsiService::INSTALL_OK) {
74 auto file = GetBackingFile(name_);
75 LOG(ERROR) << "Installation failed, clean up: " << file;
76 if (images_->IsImageMapped(file)) {
77 LOG(ERROR) << "unmap " << file;
78 images_->UnmapImageDevice(file);
79 }
80 images_->DeleteBackingImage(file);
81 }
82 return finished_status_;
83 }
84
StartInstall()85 int PartitionInstaller::StartInstall() {
86 if (int status = PerformSanityChecks()) {
87 return status;
88 }
89 if (int status = Preallocate()) {
90 return status;
91 }
92 if (!readOnly_) {
93 if (!Format()) {
94 return IGsiService::INSTALL_ERROR_GENERIC;
95 }
96 } else {
97 // Map ${name}_gsi so we can write to it.
98 system_device_ = OpenPartition(GetBackingFile(name_));
99 if (!system_device_) {
100 return IGsiService::INSTALL_ERROR_GENERIC;
101 }
102
103 // Clear the progress indicator.
104 service_->UpdateProgress(IGsiService::STATUS_NO_OPERATION, 0);
105 }
106 return IGsiService::INSTALL_OK;
107 }
108
PerformSanityChecks()109 int PartitionInstaller::PerformSanityChecks() {
110 if (!images_) {
111 LOG(ERROR) << "unable to create image manager";
112 return IGsiService::INSTALL_ERROR_GENERIC;
113 }
114 if (size_ < 0) {
115 LOG(ERROR) << "image size " << size_ << " is negative";
116 return IGsiService::INSTALL_ERROR_GENERIC;
117 }
118 if (android::gsi::IsGsiRunning()) {
119 LOG(ERROR) << "cannot install gsi inside a live gsi";
120 return IGsiService::INSTALL_ERROR_GENERIC;
121 }
122
123 struct statvfs sb;
124 if (statvfs(install_dir_.c_str(), &sb)) {
125 PLOG(ERROR) << "failed to read file system stats";
126 return IGsiService::INSTALL_ERROR_GENERIC;
127 }
128
129 // This is the same as android::vold::GetFreebytes() but we also
130 // need the total file system size so we open code it here.
131 uint64_t free_space = static_cast<uint64_t>(sb.f_bavail) * sb.f_frsize;
132 if (free_space <= (size_)) {
133 LOG(ERROR) << "not enough free space (only " << free_space << " bytes available)";
134 return IGsiService::INSTALL_ERROR_NO_SPACE;
135 }
136
137 const auto free_space_threshold = GetMinimumFreeSpaceThreshold(install_dir_);
138 if (!free_space_threshold.has_value()) {
139 return IGsiService::INSTALL_ERROR_GENERIC;
140 }
141 if (free_space < size_ + *free_space_threshold) {
142 LOG(ERROR) << "post-installation free space (" << free_space << " - " << size_
143 << ") would be below the minimum threshold of " << *free_space_threshold;
144 return IGsiService::INSTALL_ERROR_FILE_SYSTEM_CLUTTERED;
145 }
146 return IGsiService::INSTALL_OK;
147 }
148
Preallocate()149 int PartitionInstaller::Preallocate() {
150 std::string file = GetBackingFile(name_);
151 if (!images_->UnmapImageIfExists(file)) {
152 LOG(ERROR) << "failed to UnmapImageIfExists " << file;
153 return IGsiService::INSTALL_ERROR_GENERIC;
154 }
155 // always delete the old one when it presents in case there might a partition
156 // with same name but different size.
157 if (images_->BackingImageExists(file)) {
158 if (!images_->DeleteBackingImage(file)) {
159 LOG(ERROR) << "failed to DeleteBackingImage " << file;
160 return IGsiService::INSTALL_ERROR_GENERIC;
161 }
162 }
163 service_->StartAsyncOperation("create " + name_, size_);
164 if (!CreateImage(file, size_)) {
165 LOG(ERROR) << "Could not create userdata image";
166 return IGsiService::INSTALL_ERROR_GENERIC;
167 }
168 service_->UpdateProgress(IGsiService::STATUS_COMPLETE, 0);
169 return IGsiService::INSTALL_OK;
170 }
171
CreateImage(const std::string & name,uint64_t size)172 bool PartitionInstaller::CreateImage(const std::string& name, uint64_t size) {
173 auto progress = [this](uint64_t bytes, uint64_t /* total */) -> bool {
174 service_->UpdateProgress(IGsiService::STATUS_WORKING, bytes);
175 if (service_->should_abort()) return false;
176 return true;
177 };
178 int flags = ImageManager::CREATE_IMAGE_DEFAULT;
179 if (readOnly_) {
180 flags |= ImageManager::CREATE_IMAGE_READONLY;
181 }
182 return images_->CreateBackingImage(name, size, flags, std::move(progress));
183 }
184
OpenPartition(const std::string & name)185 std::unique_ptr<MappedDevice> PartitionInstaller::OpenPartition(const std::string& name) {
186 return MappedDevice::Open(images_.get(), 10s, name);
187 }
188
CommitGsiChunk(int stream_fd,int64_t bytes)189 bool PartitionInstaller::CommitGsiChunk(int stream_fd, int64_t bytes) {
190 service_->StartAsyncOperation("write " + name_, size_);
191
192 if (bytes < 0) {
193 LOG(ERROR) << "chunk size " << bytes << " is negative";
194 return false;
195 }
196
197 static const size_t kBlockSize = 4096;
198 auto buffer = std::make_unique<char[]>(kBlockSize);
199
200 int progress = -1;
201 uint64_t remaining = bytes;
202 while (remaining) {
203 size_t max_to_read = std::min(static_cast<uint64_t>(kBlockSize), remaining);
204 ssize_t rv = TEMP_FAILURE_RETRY(read(stream_fd, buffer.get(), max_to_read));
205 if (rv < 0) {
206 PLOG(ERROR) << "read gsi chunk";
207 return false;
208 }
209 if (rv == 0) {
210 LOG(ERROR) << "no bytes left in stream";
211 return false;
212 }
213 if (!CommitGsiChunk(buffer.get(), rv)) {
214 return false;
215 }
216 CHECK(static_cast<uint64_t>(rv) <= remaining);
217 remaining -= rv;
218
219 // Only update the progress when the % (or permille, in this case)
220 // significantly changes.
221 int new_progress = ((size_ - remaining) * 1000) / size_;
222 if (new_progress != progress) {
223 service_->UpdateProgress(IGsiService::STATUS_WORKING, size_ - remaining);
224 }
225 }
226
227 service_->UpdateProgress(IGsiService::STATUS_COMPLETE, size_);
228 return true;
229 }
230
IsFinishedWriting()231 bool PartitionInstaller::IsFinishedWriting() {
232 return gsi_bytes_written_ == size_;
233 }
234
IsAshmemMapped()235 bool PartitionInstaller::IsAshmemMapped() {
236 return ashmem_data_ != MAP_FAILED;
237 }
238
CommitGsiChunk(const void * data,size_t bytes)239 bool PartitionInstaller::CommitGsiChunk(const void* data, size_t bytes) {
240 if (static_cast<uint64_t>(bytes) > size_ - gsi_bytes_written_) {
241 // We cannot write past the end of the image file.
242 LOG(ERROR) << "chunk size " << bytes << " exceeds remaining image size (" << size_
243 << " expected, " << gsi_bytes_written_ << " written)";
244 return false;
245 }
246 if (service_->should_abort()) {
247 return false;
248 }
249 if (!android::base::WriteFully(system_device_->fd(), data, bytes)) {
250 PLOG(ERROR) << "write failed";
251 return false;
252 }
253 gsi_bytes_written_ += bytes;
254 return true;
255 }
256
GetPartitionFd()257 int PartitionInstaller::GetPartitionFd() {
258 return system_device_->fd();
259 }
260
MapAshmem(int fd,size_t size)261 bool PartitionInstaller::MapAshmem(int fd, size_t size) {
262 ashmem_size_ = size;
263 ashmem_data_ = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
264 return ashmem_data_ != MAP_FAILED;
265 }
266
UnmapAshmem()267 void PartitionInstaller::UnmapAshmem() {
268 if (munmap(ashmem_data_, ashmem_size_) != 0) {
269 PLOG(ERROR) << "cannot munmap";
270 return;
271 }
272 ashmem_data_ = MAP_FAILED;
273 ashmem_size_ = -1;
274 }
275
CommitGsiChunk(size_t bytes)276 bool PartitionInstaller::CommitGsiChunk(size_t bytes) {
277 if (!IsAshmemMapped()) {
278 PLOG(ERROR) << "ashmem is not mapped";
279 return false;
280 }
281 bool success = CommitGsiChunk(ashmem_data_, bytes);
282 if (success && IsFinishedWriting()) {
283 UnmapAshmem();
284 }
285 return success;
286 }
287
GetBackingFile(std::string name)288 const std::string PartitionInstaller::GetBackingFile(std::string name) {
289 return name + "_gsi";
290 }
291
Format()292 bool PartitionInstaller::Format() {
293 auto file = GetBackingFile(name_);
294 auto device = OpenPartition(file);
295 if (!device) {
296 return false;
297 }
298
299 // libcutils checks the first 4K, no matter the block size.
300 std::string zeroes(4096, 0);
301 if (!android::base::WriteFully(device->fd(), zeroes.data(), zeroes.size())) {
302 PLOG(ERROR) << "write " << file;
303 return false;
304 }
305 return true;
306 }
307
CheckInstallState()308 int PartitionInstaller::CheckInstallState() {
309 if (readOnly_ && !IsFinishedWriting()) {
310 // We cannot boot if the image is incomplete.
311 LOG(ERROR) << "image incomplete; expected " << size_ << " bytes, waiting for "
312 << (size_ - gsi_bytes_written_) << " bytes";
313 return IGsiService::INSTALL_ERROR_GENERIC;
314 }
315 if (system_device_ != nullptr && fsync(GetPartitionFd())) {
316 PLOG(ERROR) << "fsync failed for " << GetBackingFile(name_);
317 return IGsiService::INSTALL_ERROR_GENERIC;
318 }
319 // If files moved (are no longer pinned), the metadata file will be invalid.
320 // This check can be removed once b/133967059 is fixed.
321 if (!images_->Validate()) {
322 return IGsiService::INSTALL_ERROR_GENERIC;
323 }
324 return IGsiService::INSTALL_OK;
325 }
326
WipeWritable(const std::string & active_dsu,const std::string & install_dir,const std::string & name)327 int PartitionInstaller::WipeWritable(const std::string& active_dsu, const std::string& install_dir,
328 const std::string& name) {
329 auto image = ImageManager::Open(MetadataDir(active_dsu), install_dir);
330 // The device object has to be destroyed before the image object
331 auto device = MappedDevice::Open(image.get(), 10s, name);
332 if (!device) {
333 return IGsiService::INSTALL_ERROR_GENERIC;
334 }
335
336 // Wipe the first 1MiB of the device, ensuring both the first block and
337 // the superblock are destroyed.
338 static constexpr uint64_t kEraseSize = 1024 * 1024;
339
340 std::string zeroes(4096, 0);
341 uint64_t erase_size = std::min(kEraseSize, get_block_device_size(device->fd()));
342 for (uint64_t i = 0; i < erase_size; i += zeroes.size()) {
343 if (!android::base::WriteFully(device->fd(), zeroes.data(), zeroes.size())) {
344 PLOG(ERROR) << "write " << name;
345 return IGsiService::INSTALL_ERROR_GENERIC;
346 }
347 }
348 return IGsiService::INSTALL_OK;
349 }
350
GetMinimumFreeSpaceThreshold(const std::string & install_dir)351 std::optional<uint64_t> PartitionInstaller::GetMinimumFreeSpaceThreshold(
352 const std::string& install_dir) {
353 // No need to retain any space if we were not installing to the internal storage.
354 if (!android::base::StartsWith(install_dir, "/data"s)) {
355 return 0;
356 }
357 // Dynamic Partitions device must have a "super" block device.
358 BlockDeviceInfo info;
359 PartitionOpener opener;
360 if (!opener.GetInfo(fs_mgr_get_super_partition_name(), &info)) {
361 // We shouldn't reach here, but handle it just in case.
362 LOG(ERROR) << "could not get block device info of super";
363 return std::nullopt;
364 }
365 // Reserve |super partition| of storage space so we don't disable VAB.
366 return info.size;
367 }
368
369 } // namespace gsi
370 } // namespace android
371