1# Copyright (C) 2008 The Android Open Source Project 2# 3# Licensed under the Apache License, Version 2.0 (the "License"); 4# you may not use this file except in compliance with the License. 5# You may obtain a copy of the License at 6# 7# http://www.apache.org/licenses/LICENSE-2.0 8# 9# Unless required by applicable law or agreed to in writing, software 10# distributed under the License is distributed on an "AS IS" BASIS, 11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12# See the License for the specific language governing permissions and 13# limitations under the License. 14 15from __future__ import print_function 16 17import base64 18import collections 19import copy 20import datetime 21import errno 22import fnmatch 23import getopt 24import getpass 25import gzip 26import imp 27import json 28import logging 29import logging.config 30import os 31import platform 32import re 33import shlex 34import shutil 35import subprocess 36import stat 37import sys 38import tempfile 39import threading 40import time 41import zipfile 42 43from typing import Iterable, Callable 44from dataclasses import dataclass 45from hashlib import sha1, sha256 46 47import images 48import sparse_img 49from blockimgdiff import BlockImageDiff 50 51logger = logging.getLogger(__name__) 52 53 54@dataclass 55class OptionHandler: 56 extra_long_opts: Iterable[str] 57 handler: Callable 58 59class Options(object): 60 61 def __init__(self): 62 # Set up search path, in order to find framework/ and lib64/. At the time of 63 # running this function, user-supplied search path (`--path`) hasn't been 64 # available. So the value set here is the default, which might be overridden 65 # by commandline flag later. 66 exec_path = os.path.realpath(sys.argv[0]) 67 if exec_path.endswith('.py'): 68 script_name = os.path.basename(exec_path) 69 # logger hasn't been initialized yet at this point. Use print to output 70 # warnings. 71 print( 72 'Warning: releasetools script should be invoked as hermetic Python ' 73 'executable -- build and run `{}` directly.'.format( 74 script_name[:-3]), 75 file=sys.stderr) 76 self.search_path = os.path.dirname(os.path.dirname(exec_path)) 77 78 self.signapk_path = "framework/signapk.jar" # Relative to search_path 79 if not os.path.exists(os.path.join(self.search_path, self.signapk_path)): 80 if "ANDROID_HOST_OUT" in os.environ: 81 self.search_path = os.environ["ANDROID_HOST_OUT"] 82 self.signapk_shared_library_path = "lib64" # Relative to search_path 83 self.extra_signapk_args = [] 84 self.aapt2_path = "aapt2" 85 self.java_path = "java" # Use the one on the path by default. 86 self.java_args = ["-Xmx4096m"] # The default JVM args. 87 self.android_jar_path = None 88 self.public_key_suffix = ".x509.pem" 89 self.private_key_suffix = ".pk8" 90 # use otatools built boot_signer by default 91 self.verbose = False 92 self.tempfiles = [] 93 self.device_specific = None 94 self.extras = {} 95 self.info_dict = None 96 self.source_info_dict = None 97 self.target_info_dict = None 98 self.worker_threads = None 99 # Stash size cannot exceed cache_size * threshold. 100 self.cache_size = None 101 self.stash_threshold = 0.8 102 self.logfile = None 103 104 105OPTIONS = Options() 106 107# The block size that's used across the releasetools scripts. 108BLOCK_SIZE = 4096 109 110# Values for "certificate" in apkcerts that mean special things. 111SPECIAL_CERT_STRINGS = ("PRESIGNED", "EXTERNAL") 112 113# The partitions allowed to be signed by AVB (Android Verified Boot 2.0). Note 114# that system_other is not in the list because we don't want to include its 115# descriptor into vbmeta.img. When adding a new entry here, the 116# AVB_FOOTER_ARGS_BY_PARTITION in sign_target_files_apks need to be updated 117# accordingly. 118AVB_PARTITIONS = ('boot', 'init_boot', 'dtbo', 'odm', 'product', 'pvmfw', 119 'recovery', 'system', 'system_ext', 'vendor', 'vendor_boot', 120 'vendor_kernel_boot', 'vendor_dlkm', 'odm_dlkm', 121 'system_dlkm') 122 123# Chained VBMeta partitions. 124AVB_VBMETA_PARTITIONS = ('vbmeta_system', 'vbmeta_vendor') 125 126# avbtool arguments name 127AVB_ARG_NAME_INCLUDE_DESC_FROM_IMG = '--include_descriptors_from_image' 128AVB_ARG_NAME_CHAIN_PARTITION = '--chain_partition' 129 130# Partitions that should have their care_map added to META/care_map.pb 131PARTITIONS_WITH_CARE_MAP = [ 132 'system', 133 'vendor', 134 'product', 135 'system_ext', 136 'odm', 137 'vendor_dlkm', 138 'odm_dlkm', 139 'system_dlkm', 140] 141 142# Partitions with a build.prop file 143PARTITIONS_WITH_BUILD_PROP = PARTITIONS_WITH_CARE_MAP + ['boot', 'init_boot'] 144 145# See sysprop.mk. If file is moved, add new search paths here; don't remove 146# existing search paths. 147RAMDISK_BUILD_PROP_REL_PATHS = ['system/etc/ramdisk/build.prop'] 148 149 150@dataclass 151class AvbChainedPartitionArg: 152 """The required arguments for avbtool --chain_partition.""" 153 partition: str 154 rollback_index_location: int 155 pubkey_path: str 156 157 def to_string(self): 158 """Convert to string command arguments.""" 159 return '{}:{}:{}'.format( 160 self.partition, self.rollback_index_location, self.pubkey_path) 161 162 163class ErrorCode(object): 164 """Define error_codes for failures that happen during the actual 165 update package installation. 166 167 Error codes 0-999 are reserved for failures before the package 168 installation (i.e. low battery, package verification failure). 169 Detailed code in 'bootable/recovery/error_code.h' """ 170 171 SYSTEM_VERIFICATION_FAILURE = 1000 172 SYSTEM_UPDATE_FAILURE = 1001 173 SYSTEM_UNEXPECTED_CONTENTS = 1002 174 SYSTEM_NONZERO_CONTENTS = 1003 175 SYSTEM_RECOVER_FAILURE = 1004 176 VENDOR_VERIFICATION_FAILURE = 2000 177 VENDOR_UPDATE_FAILURE = 2001 178 VENDOR_UNEXPECTED_CONTENTS = 2002 179 VENDOR_NONZERO_CONTENTS = 2003 180 VENDOR_RECOVER_FAILURE = 2004 181 OEM_PROP_MISMATCH = 3000 182 FINGERPRINT_MISMATCH = 3001 183 THUMBPRINT_MISMATCH = 3002 184 OLDER_BUILD = 3003 185 DEVICE_MISMATCH = 3004 186 BAD_PATCH_FILE = 3005 187 INSUFFICIENT_CACHE_SPACE = 3006 188 TUNE_PARTITION_FAILURE = 3007 189 APPLY_PATCH_FAILURE = 3008 190 191 192class ExternalError(RuntimeError): 193 pass 194 195 196def InitLogging(): 197 DEFAULT_LOGGING_CONFIG = { 198 'version': 1, 199 'disable_existing_loggers': False, 200 'formatters': { 201 'standard': { 202 'format': 203 '%(asctime)s - %(filename)s - %(levelname)-8s: %(message)s', 204 'datefmt': '%Y-%m-%d %H:%M:%S', 205 }, 206 }, 207 'handlers': { 208 'default': { 209 'class': 'logging.StreamHandler', 210 'formatter': 'standard', 211 'level': 'WARNING', 212 }, 213 }, 214 'loggers': { 215 '': { 216 'handlers': ['default'], 217 'propagate': True, 218 'level': 'NOTSET', 219 } 220 } 221 } 222 env_config = os.getenv('LOGGING_CONFIG') 223 if env_config: 224 with open(env_config) as f: 225 config = json.load(f) 226 else: 227 config = DEFAULT_LOGGING_CONFIG 228 229 # Increase the logging level for verbose mode. 230 if OPTIONS.verbose: 231 config = copy.deepcopy(config) 232 config['handlers']['default']['level'] = 'INFO' 233 234 if OPTIONS.logfile: 235 config = copy.deepcopy(config) 236 config['handlers']['logfile'] = { 237 'class': 'logging.FileHandler', 238 'formatter': 'standard', 239 'level': 'INFO', 240 'mode': 'w', 241 'filename': OPTIONS.logfile, 242 } 243 config['loggers']['']['handlers'].append('logfile') 244 245 logging.config.dictConfig(config) 246 247 248def FindHostToolPath(tool_name): 249 """Finds the path to the host tool. 250 251 Args: 252 tool_name: name of the tool to find 253 Returns: 254 path to the tool if found under the same directory as this binary is located at. If not found, 255 tool_name is returned. 256 """ 257 my_dir = os.path.dirname(os.path.realpath(sys.argv[0])) 258 tool_path = os.path.join(my_dir, tool_name) 259 if os.path.exists(tool_path): 260 return tool_path 261 262 return tool_name 263 264 265def Run(args, verbose=None, **kwargs): 266 """Creates and returns a subprocess.Popen object. 267 268 Args: 269 args: The command represented as a list of strings. 270 verbose: Whether the commands should be shown. Default to the global 271 verbosity if unspecified. 272 kwargs: Any additional args to be passed to subprocess.Popen(), such as env, 273 stdin, etc. stdout and stderr will default to subprocess.PIPE and 274 subprocess.STDOUT respectively unless caller specifies any of them. 275 universal_newlines will default to True, as most of the users in 276 releasetools expect string output. 277 278 Returns: 279 A subprocess.Popen object. 280 """ 281 if 'stdout' not in kwargs and 'stderr' not in kwargs: 282 kwargs['stdout'] = subprocess.PIPE 283 kwargs['stderr'] = subprocess.STDOUT 284 if 'universal_newlines' not in kwargs: 285 kwargs['universal_newlines'] = True 286 287 if args: 288 # Make a copy of args in case client relies on the content of args later. 289 args = args[:] 290 args[0] = FindHostToolPath(args[0]) 291 292 if verbose is None: 293 verbose = OPTIONS.verbose 294 295 # Don't log any if caller explicitly says so. 296 if verbose: 297 logger.info(" Running: \"%s\"", " ".join(args)) 298 return subprocess.Popen(args, **kwargs) 299 300 301def RunAndCheckOutput(args, verbose=None, **kwargs): 302 """Runs the given command and returns the output. 303 304 Args: 305 args: The command represented as a list of strings. 306 verbose: Whether the commands should be shown. Default to the global 307 verbosity if unspecified. 308 kwargs: Any additional args to be passed to subprocess.Popen(), such as env, 309 stdin, etc. stdout and stderr will default to subprocess.PIPE and 310 subprocess.STDOUT respectively unless caller specifies any of them. 311 312 Returns: 313 The output string. 314 315 Raises: 316 ExternalError: On non-zero exit from the command. 317 """ 318 if verbose is None: 319 verbose = OPTIONS.verbose 320 proc = Run(args, verbose=verbose, **kwargs) 321 output, _ = proc.communicate() 322 if output is None: 323 output = "" 324 # Don't log any if caller explicitly says so. 325 if verbose: 326 logger.info("%s", output.rstrip()) 327 if proc.returncode != 0: 328 raise ExternalError( 329 "Failed to run command '{}' (exit code {}):\n{}".format( 330 args, proc.returncode, output)) 331 return output 332 333 334def RoundUpTo4K(value): 335 rounded_up = value + 4095 336 return rounded_up - (rounded_up % 4096) 337 338 339def CloseInheritedPipes(): 340 """ Gmake in MAC OS has file descriptor (PIPE) leak. We close those fds 341 before doing other work.""" 342 if platform.system() != "Darwin": 343 return 344 for d in range(3, 1025): 345 try: 346 stat = os.fstat(d) 347 if stat is not None: 348 pipebit = stat[0] & 0x1000 349 if pipebit != 0: 350 os.close(d) 351 except OSError: 352 pass 353 354 355class BuildInfo(object): 356 """A class that holds the information for a given build. 357 358 This class wraps up the property querying for a given source or target build. 359 It abstracts away the logic of handling OEM-specific properties, and caches 360 the commonly used properties such as fingerprint. 361 362 There are two types of info dicts: a) build-time info dict, which is generated 363 at build time (i.e. included in a target_files zip); b) OEM info dict that is 364 specified at package generation time (via command line argument 365 '--oem_settings'). If a build doesn't use OEM-specific properties (i.e. not 366 having "oem_fingerprint_properties" in build-time info dict), all the queries 367 would be answered based on build-time info dict only. Otherwise if using 368 OEM-specific properties, some of them will be calculated from two info dicts. 369 370 Users can query properties similarly as using a dict() (e.g. info['fstab']), 371 or to query build properties via GetBuildProp() or GetPartitionBuildProp(). 372 373 Attributes: 374 info_dict: The build-time info dict. 375 is_ab: Whether it's a build that uses A/B OTA. 376 oem_dicts: A list of OEM dicts. 377 oem_props: A list of OEM properties that should be read from OEM dicts; None 378 if the build doesn't use any OEM-specific property. 379 fingerprint: The fingerprint of the build, which would be calculated based 380 on OEM properties if applicable. 381 device: The device name, which could come from OEM dicts if applicable. 382 """ 383 384 _RO_PRODUCT_RESOLVE_PROPS = ["ro.product.brand", "ro.product.device", 385 "ro.product.manufacturer", "ro.product.model", 386 "ro.product.name"] 387 _RO_PRODUCT_PROPS_DEFAULT_SOURCE_ORDER_CURRENT = [ 388 "product", "odm", "vendor", "system_ext", "system"] 389 _RO_PRODUCT_PROPS_DEFAULT_SOURCE_ORDER_ANDROID_10 = [ 390 "product", "product_services", "odm", "vendor", "system"] 391 _RO_PRODUCT_PROPS_DEFAULT_SOURCE_ORDER_LEGACY = [] 392 393 # The length of vbmeta digest to append to the fingerprint 394 _VBMETA_DIGEST_SIZE_USED = 8 395 396 def __init__(self, info_dict, oem_dicts=None, use_legacy_id=False): 397 """Initializes a BuildInfo instance with the given dicts. 398 399 Note that it only wraps up the given dicts, without making copies. 400 401 Arguments: 402 info_dict: The build-time info dict. 403 oem_dicts: A list of OEM dicts (which is parsed from --oem_settings). Note 404 that it always uses the first dict to calculate the fingerprint or the 405 device name. The rest would be used for asserting OEM properties only 406 (e.g. one package can be installed on one of these devices). 407 use_legacy_id: Use the legacy build id to construct the fingerprint. This 408 is used when we need a BuildInfo class, while the vbmeta digest is 409 unavailable. 410 411 Raises: 412 ValueError: On invalid inputs. 413 """ 414 self.info_dict = info_dict 415 self.oem_dicts = oem_dicts 416 417 self._is_ab = info_dict.get("ab_update") == "true" 418 self.use_legacy_id = use_legacy_id 419 420 # Skip _oem_props if oem_dicts is None to use BuildInfo in 421 # sign_target_files_apks 422 if self.oem_dicts: 423 self._oem_props = info_dict.get("oem_fingerprint_properties") 424 else: 425 self._oem_props = None 426 427 def check_fingerprint(fingerprint): 428 if (" " in fingerprint or any(ord(ch) > 127 for ch in fingerprint)): 429 raise ValueError( 430 'Invalid build fingerprint: "{}". See the requirement in Android CDD ' 431 "3.2.2. Build Parameters.".format(fingerprint)) 432 433 self._partition_fingerprints = {} 434 for partition in PARTITIONS_WITH_BUILD_PROP: 435 try: 436 fingerprint = self.CalculatePartitionFingerprint(partition) 437 check_fingerprint(fingerprint) 438 self._partition_fingerprints[partition] = fingerprint 439 except ExternalError: 440 continue 441 if "system" in self._partition_fingerprints: 442 # system_other is not included in PARTITIONS_WITH_BUILD_PROP, but does 443 # need a fingerprint when creating the image. 444 self._partition_fingerprints[ 445 "system_other"] = self._partition_fingerprints["system"] 446 447 # These two should be computed only after setting self._oem_props. 448 self._device = self.GetOemProperty("ro.product.device") 449 self._fingerprint = self.CalculateFingerprint() 450 check_fingerprint(self._fingerprint) 451 452 @property 453 def is_ab(self): 454 return self._is_ab 455 456 @property 457 def device(self): 458 return self._device 459 460 @property 461 def fingerprint(self): 462 return self._fingerprint 463 464 @property 465 def is_vabc(self): 466 return self.info_dict.get("virtual_ab_compression") == "true" 467 468 @property 469 def is_android_r(self): 470 system_prop = self.info_dict.get("system.build.prop") 471 return system_prop and system_prop.GetProp("ro.build.version.release") == "11" 472 473 @property 474 def is_release_key(self): 475 system_prop = self.info_dict.get("build.prop") 476 return system_prop and system_prop.GetProp("ro.build.tags") == "release-key" 477 478 @property 479 def vabc_compression_param(self): 480 return self.get("virtual_ab_compression_method", "") 481 482 @property 483 def vabc_cow_version(self): 484 return self.get("virtual_ab_cow_version", "") 485 486 @property 487 def vendor_api_level(self): 488 vendor_prop = self.info_dict.get("vendor.build.prop") 489 if not vendor_prop: 490 return -1 491 492 props = [ 493 "ro.board.first_api_level", 494 "ro.product.first_api_level", 495 ] 496 for prop in props: 497 value = vendor_prop.GetProp(prop) 498 try: 499 return int(value) 500 except: 501 pass 502 return -1 503 504 @property 505 def is_vabc_xor(self): 506 vendor_prop = self.info_dict.get("vendor.build.prop") 507 vabc_xor_enabled = vendor_prop and \ 508 vendor_prop.GetProp("ro.virtual_ab.compression.xor.enabled") == "true" 509 return vabc_xor_enabled 510 511 @property 512 def vendor_suppressed_vabc(self): 513 vendor_prop = self.info_dict.get("vendor.build.prop") 514 vabc_suppressed = vendor_prop and \ 515 vendor_prop.GetProp("ro.vendor.build.dont_use_vabc") 516 return vabc_suppressed and vabc_suppressed.lower() == "true" 517 518 @property 519 def oem_props(self): 520 return self._oem_props 521 522 def __getitem__(self, key): 523 return self.info_dict[key] 524 525 def __setitem__(self, key, value): 526 self.info_dict[key] = value 527 528 def get(self, key, default=None): 529 return self.info_dict.get(key, default) 530 531 def items(self): 532 return self.info_dict.items() 533 534 def _GetRawBuildProp(self, prop, partition): 535 prop_file = '{}.build.prop'.format( 536 partition) if partition else 'build.prop' 537 partition_props = self.info_dict.get(prop_file) 538 if not partition_props: 539 return None 540 return partition_props.GetProp(prop) 541 542 def GetPartitionBuildProp(self, prop, partition): 543 """Returns the inquired build property for the provided partition.""" 544 545 # Boot image and init_boot image uses ro.[product.]bootimage instead of boot. 546 # This comes from the generic ramdisk 547 prop_partition = "bootimage" if partition == "boot" or partition == "init_boot" else partition 548 549 # If provided a partition for this property, only look within that 550 # partition's build.prop. 551 if prop in BuildInfo._RO_PRODUCT_RESOLVE_PROPS: 552 prop = prop.replace("ro.product", "ro.product.{}".format(prop_partition)) 553 else: 554 prop = prop.replace("ro.", "ro.{}.".format(prop_partition)) 555 556 prop_val = self._GetRawBuildProp(prop, partition) 557 if prop_val is not None: 558 return prop_val 559 raise ExternalError("couldn't find %s in %s.build.prop" % 560 (prop, partition)) 561 562 def GetBuildProp(self, prop): 563 """Returns the inquired build property from the standard build.prop file.""" 564 if prop in BuildInfo._RO_PRODUCT_RESOLVE_PROPS: 565 return self._ResolveRoProductBuildProp(prop) 566 567 if prop == "ro.build.id": 568 return self._GetBuildId() 569 570 prop_val = self._GetRawBuildProp(prop, None) 571 if prop_val is not None: 572 return prop_val 573 574 raise ExternalError("couldn't find %s in build.prop" % (prop,)) 575 576 def _ResolveRoProductBuildProp(self, prop): 577 """Resolves the inquired ro.product.* build property""" 578 prop_val = self._GetRawBuildProp(prop, None) 579 if prop_val: 580 return prop_val 581 582 default_source_order = self._GetRoProductPropsDefaultSourceOrder() 583 source_order_val = self._GetRawBuildProp( 584 "ro.product.property_source_order", None) 585 if source_order_val: 586 source_order = source_order_val.split(",") 587 else: 588 source_order = default_source_order 589 590 # Check that all sources in ro.product.property_source_order are valid 591 if any([x not in default_source_order for x in source_order]): 592 raise ExternalError( 593 "Invalid ro.product.property_source_order '{}'".format(source_order)) 594 595 for source_partition in source_order: 596 source_prop = prop.replace( 597 "ro.product", "ro.product.{}".format(source_partition), 1) 598 prop_val = self._GetRawBuildProp(source_prop, source_partition) 599 if prop_val: 600 return prop_val 601 602 raise ExternalError("couldn't resolve {}".format(prop)) 603 604 def _GetRoProductPropsDefaultSourceOrder(self): 605 # NOTE: refer to CDDs and android.os.Build.VERSION for the definition and 606 # values of these properties for each Android release. 607 android_codename = self._GetRawBuildProp("ro.build.version.codename", None) 608 if android_codename == "REL": 609 android_version = self._GetRawBuildProp("ro.build.version.release", None) 610 if android_version == "10": 611 return BuildInfo._RO_PRODUCT_PROPS_DEFAULT_SOURCE_ORDER_ANDROID_10 612 # NOTE: float() conversion of android_version will have rounding error. 613 # We are checking for "9" or less, and using "< 10" is well outside of 614 # possible floating point rounding. 615 try: 616 android_version_val = float(android_version) 617 except ValueError: 618 android_version_val = 0 619 if android_version_val < 10: 620 return BuildInfo._RO_PRODUCT_PROPS_DEFAULT_SOURCE_ORDER_LEGACY 621 return BuildInfo._RO_PRODUCT_PROPS_DEFAULT_SOURCE_ORDER_CURRENT 622 623 def _GetPlatformVersion(self): 624 version_sdk = self.GetBuildProp("ro.build.version.sdk") 625 # init code switches to version_release_or_codename (see b/158483506). After 626 # API finalization, release_or_codename will be the same as release. This 627 # is the best effort to support pre-S dev stage builds. 628 if int(version_sdk) >= 30: 629 try: 630 return self.GetBuildProp("ro.build.version.release_or_codename") 631 except ExternalError: 632 logger.warning('Failed to find ro.build.version.release_or_codename') 633 634 return self.GetBuildProp("ro.build.version.release") 635 636 def _GetBuildId(self): 637 build_id = self._GetRawBuildProp("ro.build.id", None) 638 if build_id: 639 return build_id 640 641 legacy_build_id = self.GetBuildProp("ro.build.legacy.id") 642 if not legacy_build_id: 643 raise ExternalError("Couldn't find build id in property file") 644 645 if self.use_legacy_id: 646 return legacy_build_id 647 648 # Append the top 8 chars of vbmeta digest to the existing build id. The 649 # logic needs to match the one in init, so that OTA can deliver correctly. 650 avb_enable = self.info_dict.get("avb_enable") == "true" 651 if not avb_enable: 652 raise ExternalError("AVB isn't enabled when using legacy build id") 653 654 vbmeta_digest = self.info_dict.get("vbmeta_digest") 655 if not vbmeta_digest: 656 raise ExternalError("Vbmeta digest isn't provided when using legacy build" 657 " id") 658 if len(vbmeta_digest) < self._VBMETA_DIGEST_SIZE_USED: 659 raise ExternalError("Invalid vbmeta digest " + vbmeta_digest) 660 661 digest_prefix = vbmeta_digest[:self._VBMETA_DIGEST_SIZE_USED] 662 return legacy_build_id + '.' + digest_prefix 663 664 def _GetPartitionPlatformVersion(self, partition): 665 try: 666 return self.GetPartitionBuildProp("ro.build.version.release_or_codename", 667 partition) 668 except ExternalError: 669 return self.GetPartitionBuildProp("ro.build.version.release", 670 partition) 671 672 def GetOemProperty(self, key): 673 if self.oem_props is not None and key in self.oem_props: 674 return self.oem_dicts[0][key] 675 return self.GetBuildProp(key) 676 677 def GetPartitionFingerprint(self, partition): 678 return self._partition_fingerprints.get(partition, None) 679 680 def CalculatePartitionFingerprint(self, partition): 681 try: 682 return self.GetPartitionBuildProp("ro.build.fingerprint", partition) 683 except ExternalError: 684 return "{}/{}/{}:{}/{}/{}:{}/{}".format( 685 self.GetPartitionBuildProp("ro.product.brand", partition), 686 self.GetPartitionBuildProp("ro.product.name", partition), 687 self.GetPartitionBuildProp("ro.product.device", partition), 688 self._GetPartitionPlatformVersion(partition), 689 self.GetPartitionBuildProp("ro.build.id", partition), 690 self.GetPartitionBuildProp( 691 "ro.build.version.incremental", partition), 692 self.GetPartitionBuildProp("ro.build.type", partition), 693 self.GetPartitionBuildProp("ro.build.tags", partition)) 694 695 def CalculateFingerprint(self): 696 if self.oem_props is None: 697 try: 698 return self.GetBuildProp("ro.build.fingerprint") 699 except ExternalError: 700 return "{}/{}/{}:{}/{}/{}:{}/{}".format( 701 self.GetBuildProp("ro.product.brand"), 702 self.GetBuildProp("ro.product.name"), 703 self.GetBuildProp("ro.product.device"), 704 self._GetPlatformVersion(), 705 self.GetBuildProp("ro.build.id"), 706 self.GetBuildProp("ro.build.version.incremental"), 707 self.GetBuildProp("ro.build.type"), 708 self.GetBuildProp("ro.build.tags")) 709 return "%s/%s/%s:%s" % ( 710 self.GetOemProperty("ro.product.brand"), 711 self.GetOemProperty("ro.product.name"), 712 self.GetOemProperty("ro.product.device"), 713 self.GetBuildProp("ro.build.thumbprint")) 714 715 def WriteMountOemScript(self, script): 716 assert self.oem_props is not None 717 recovery_mount_options = self.info_dict.get("recovery_mount_options") 718 script.Mount("/oem", recovery_mount_options) 719 720 def WriteDeviceAssertions(self, script, oem_no_mount): 721 # Read the property directly if not using OEM properties. 722 if not self.oem_props: 723 script.AssertDevice(self.device) 724 return 725 726 # Otherwise assert OEM properties. 727 if not self.oem_dicts: 728 raise ExternalError( 729 "No OEM file provided to answer expected assertions") 730 731 for prop in self.oem_props.split(): 732 values = [] 733 for oem_dict in self.oem_dicts: 734 if prop in oem_dict: 735 values.append(oem_dict[prop]) 736 if not values: 737 raise ExternalError( 738 "The OEM file is missing the property %s" % (prop,)) 739 script.AssertOemProperty(prop, values, oem_no_mount) 740 741 742def DoesInputFileContain(input_file, fn): 743 """Check whether the input target_files.zip contain an entry `fn`""" 744 if isinstance(input_file, zipfile.ZipFile): 745 return fn in input_file.namelist() 746 elif zipfile.is_zipfile(input_file): 747 with zipfile.ZipFile(input_file, "r", allowZip64=True) as zfp: 748 return fn in zfp.namelist() 749 else: 750 if not os.path.isdir(input_file): 751 raise ValueError( 752 "Invalid input_file, accepted inputs are ZipFile object, path to .zip file on disk, or path to extracted directory. Actual: " + input_file) 753 path = os.path.join(input_file, *fn.split("/")) 754 return os.path.exists(path) 755 756 757def ReadBytesFromInputFile(input_file, fn): 758 """Reads the bytes of fn from input zipfile or directory.""" 759 if isinstance(input_file, zipfile.ZipFile): 760 return input_file.read(fn) 761 elif zipfile.is_zipfile(input_file): 762 with zipfile.ZipFile(input_file, "r", allowZip64=True) as zfp: 763 return zfp.read(fn) 764 else: 765 if not os.path.isdir(input_file): 766 raise ValueError( 767 "Invalid input_file, accepted inputs are ZipFile object, path to .zip file on disk, or path to extracted directory. Actual: " + input_file) 768 path = os.path.join(input_file, *fn.split("/")) 769 try: 770 with open(path, "rb") as f: 771 return f.read() 772 except IOError as e: 773 if e.errno == errno.ENOENT: 774 raise KeyError(fn) 775 776 777def ReadFromInputFile(input_file, fn): 778 """Reads the str contents of fn from input zipfile or directory.""" 779 return ReadBytesFromInputFile(input_file, fn).decode() 780 781 782def WriteBytesToInputFile(input_file, fn, data): 783 """Write bytes |data| contents to fn of input zipfile or directory.""" 784 if isinstance(input_file, zipfile.ZipFile): 785 with input_file.open(fn, "w") as entry_fp: 786 return entry_fp.write(data) 787 elif zipfile.is_zipfile(input_file): 788 with zipfile.ZipFile(input_file, "r", allowZip64=True) as zfp: 789 with zfp.open(fn, "w") as entry_fp: 790 return entry_fp.write(data) 791 else: 792 if not os.path.isdir(input_file): 793 raise ValueError( 794 "Invalid input_file, accepted inputs are ZipFile object, path to .zip file on disk, or path to extracted directory. Actual: " + input_file) 795 path = os.path.join(input_file, *fn.split("/")) 796 try: 797 with open(path, "wb") as f: 798 return f.write(data) 799 except IOError as e: 800 if e.errno == errno.ENOENT: 801 raise KeyError(fn) 802 803 804def WriteToInputFile(input_file, fn, str: str): 805 """Write str content to fn of input file or directory""" 806 return WriteBytesToInputFile(input_file, fn, str.encode()) 807 808 809def ExtractFromInputFile(input_file, fn): 810 """Extracts the contents of fn from input zipfile or directory into a file.""" 811 if isinstance(input_file, zipfile.ZipFile): 812 tmp_file = MakeTempFile(os.path.basename(fn)) 813 with open(tmp_file, 'wb') as f: 814 f.write(input_file.read(fn)) 815 return tmp_file 816 elif zipfile.is_zipfile(input_file): 817 with zipfile.ZipFile(input_file, "r", allowZip64=True) as zfp: 818 tmp_file = MakeTempFile(os.path.basename(fn)) 819 with open(tmp_file, "wb") as fp: 820 fp.write(zfp.read(fn)) 821 return tmp_file 822 else: 823 if not os.path.isdir(input_file): 824 raise ValueError( 825 "Invalid input_file, accepted inputs are ZipFile object, path to .zip file on disk, or path to extracted directory. Actual: " + input_file) 826 file = os.path.join(input_file, *fn.split("/")) 827 if not os.path.exists(file): 828 raise KeyError(fn) 829 return file 830 831 832class RamdiskFormat(object): 833 LZ4 = 1 834 GZ = 2 835 836 837def GetRamdiskFormat(info_dict): 838 if info_dict.get('lz4_ramdisks') == 'true': 839 ramdisk_format = RamdiskFormat.LZ4 840 else: 841 ramdisk_format = RamdiskFormat.GZ 842 return ramdisk_format 843 844 845def LoadInfoDict(input_file, repacking=False): 846 """Loads the key/value pairs from the given input target_files. 847 848 It reads `META/misc_info.txt` file in the target_files input, does validation 849 checks and returns the parsed key/value pairs for to the given build. It's 850 usually called early when working on input target_files files, e.g. when 851 generating OTAs, or signing builds. Note that the function may be called 852 against an old target_files file (i.e. from past dessert releases). So the 853 property parsing needs to be backward compatible. 854 855 In a `META/misc_info.txt`, a few properties are stored as links to the files 856 in the PRODUCT_OUT directory. It works fine with the build system. However, 857 they are no longer available when (re)generating images from target_files zip. 858 When `repacking` is True, redirect these properties to the actual files in the 859 unzipped directory. 860 861 Args: 862 input_file: The input target_files file, which could be an open 863 zipfile.ZipFile instance, or a str for the dir that contains the files 864 unzipped from a target_files file. 865 repacking: Whether it's trying repack an target_files file after loading the 866 info dict (default: False). If so, it will rewrite a few loaded 867 properties (e.g. selinux_fc, root_dir) to point to the actual files in 868 target_files file. When doing repacking, `input_file` must be a dir. 869 870 Returns: 871 A dict that contains the parsed key/value pairs. 872 873 Raises: 874 AssertionError: On invalid input arguments. 875 ValueError: On malformed input values. 876 """ 877 if repacking: 878 assert isinstance(input_file, str), \ 879 "input_file must be a path str when doing repacking" 880 881 def read_helper(fn): 882 return ReadFromInputFile(input_file, fn) 883 884 try: 885 d = LoadDictionaryFromLines(read_helper("META/misc_info.txt").split("\n")) 886 except KeyError: 887 raise ValueError("Failed to find META/misc_info.txt in input target-files") 888 889 if "recovery_api_version" not in d: 890 raise ValueError("Failed to find 'recovery_api_version'") 891 if "fstab_version" not in d: 892 raise ValueError("Failed to find 'fstab_version'") 893 894 if repacking: 895 # "selinux_fc" properties should point to the file_contexts files 896 # (file_contexts.bin) under META/. 897 for key in d: 898 if key.endswith("selinux_fc"): 899 fc_basename = os.path.basename(d[key]) 900 fc_config = os.path.join(input_file, "META", fc_basename) 901 assert os.path.exists(fc_config) 902 903 d[key] = fc_config 904 905 # Similarly we need to redirect "root_dir", and "root_fs_config". 906 d["root_dir"] = os.path.join(input_file, "ROOT") 907 d["root_fs_config"] = os.path.join( 908 input_file, "META", "root_filesystem_config.txt") 909 910 # Redirect {partition}_base_fs_file for each of the named partitions. 911 for part_name in ["system", "vendor", "system_ext", "product", "odm", 912 "vendor_dlkm", "odm_dlkm", "system_dlkm"]: 913 key_name = part_name + "_base_fs_file" 914 if key_name not in d: 915 continue 916 basename = os.path.basename(d[key_name]) 917 base_fs_file = os.path.join(input_file, "META", basename) 918 if os.path.exists(base_fs_file): 919 d[key_name] = base_fs_file 920 else: 921 logger.warning( 922 "Failed to find %s base fs file: %s", part_name, base_fs_file) 923 del d[key_name] 924 925 def makeint(key): 926 if key in d: 927 d[key] = int(d[key], 0) 928 929 makeint("recovery_api_version") 930 makeint("blocksize") 931 makeint("system_size") 932 makeint("vendor_size") 933 makeint("userdata_size") 934 makeint("cache_size") 935 makeint("recovery_size") 936 makeint("fstab_version") 937 938 boot_images = "boot.img" 939 if "boot_images" in d: 940 boot_images = d["boot_images"] 941 for b in boot_images.split(): 942 makeint(b.replace(".img", "_size")) 943 944 # Load recovery fstab if applicable. 945 d["fstab"] = _FindAndLoadRecoveryFstab(d, input_file, read_helper) 946 ramdisk_format = GetRamdiskFormat(d) 947 948 # Tries to load the build props for all partitions with care_map, including 949 # system and vendor. 950 for partition in PARTITIONS_WITH_BUILD_PROP: 951 partition_prop = "{}.build.prop".format(partition) 952 d[partition_prop] = PartitionBuildProps.FromInputFile( 953 input_file, partition, ramdisk_format=ramdisk_format) 954 d["build.prop"] = d["system.build.prop"] 955 956 if d.get("avb_enable") == "true": 957 build_info = BuildInfo(d, use_legacy_id=True) 958 # Set up the salt for partitions without build.prop 959 if build_info.fingerprint: 960 if "fingerprint" not in d: 961 d["fingerprint"] = build_info.fingerprint 962 if "avb_salt" not in d: 963 d["avb_salt"] = sha256(build_info.fingerprint.encode()).hexdigest() 964 # Set the vbmeta digest if exists 965 try: 966 d["vbmeta_digest"] = read_helper("META/vbmeta_digest.txt").rstrip() 967 except KeyError: 968 pass 969 970 try: 971 d["ab_partitions"] = read_helper("META/ab_partitions.txt").split("\n") 972 except KeyError: 973 logger.warning("Can't find META/ab_partitions.txt") 974 return d 975 976 977def LoadListFromFile(file_path): 978 with open(file_path) as f: 979 return f.read().splitlines() 980 981 982def LoadDictionaryFromFile(file_path): 983 lines = LoadListFromFile(file_path) 984 return LoadDictionaryFromLines(lines) 985 986 987def LoadDictionaryFromLines(lines): 988 d = {} 989 for line in lines: 990 line = line.strip() 991 if not line or line.startswith("#"): 992 continue 993 if "=" in line: 994 name, value = line.split("=", 1) 995 d[name] = value 996 return d 997 998 999class PartitionBuildProps(object): 1000 """The class holds the build prop of a particular partition. 1001 1002 This class loads the build.prop and holds the build properties for a given 1003 partition. It also partially recognizes the 'import' statement in the 1004 build.prop; and calculates alternative values of some specific build 1005 properties during runtime. 1006 1007 Attributes: 1008 input_file: a zipped target-file or an unzipped target-file directory. 1009 partition: name of the partition. 1010 props_allow_override: a list of build properties to search for the 1011 alternative values during runtime. 1012 build_props: a dict of build properties for the given partition. 1013 prop_overrides: a set of props that are overridden by import. 1014 placeholder_values: A dict of runtime variables' values to replace the 1015 placeholders in the build.prop file. We expect exactly one value for 1016 each of the variables. 1017 ramdisk_format: If name is "boot", the format of ramdisk inside the 1018 boot image. Otherwise, its value is ignored. 1019 Use lz4 to decompress by default. If its value is gzip, use gzip. 1020 """ 1021 1022 def __init__(self, input_file, name, placeholder_values=None): 1023 self.input_file = input_file 1024 self.partition = name 1025 self.props_allow_override = [props.format(name) for props in [ 1026 'ro.product.{}.brand', 'ro.product.{}.name', 'ro.product.{}.device']] 1027 self.build_props = {} 1028 self.prop_overrides = set() 1029 self.placeholder_values = {} 1030 if placeholder_values: 1031 self.placeholder_values = copy.deepcopy(placeholder_values) 1032 1033 @staticmethod 1034 def FromDictionary(name, build_props): 1035 """Constructs an instance from a build prop dictionary.""" 1036 1037 props = PartitionBuildProps("unknown", name) 1038 props.build_props = build_props.copy() 1039 return props 1040 1041 @staticmethod 1042 def FromInputFile(input_file, name, placeholder_values=None, ramdisk_format=RamdiskFormat.LZ4): 1043 """Loads the build.prop file and builds the attributes.""" 1044 1045 if name in ("boot", "init_boot"): 1046 data = PartitionBuildProps._ReadBootPropFile( 1047 input_file, name, ramdisk_format=ramdisk_format) 1048 else: 1049 data = PartitionBuildProps._ReadPartitionPropFile(input_file, name) 1050 1051 props = PartitionBuildProps(input_file, name, placeholder_values) 1052 props._LoadBuildProp(data) 1053 return props 1054 1055 @staticmethod 1056 def _ReadBootPropFile(input_file, partition_name, ramdisk_format): 1057 """ 1058 Read build.prop for boot image from input_file. 1059 Return empty string if not found. 1060 """ 1061 image_path = 'IMAGES/' + partition_name + '.img' 1062 try: 1063 boot_img = ExtractFromInputFile(input_file, image_path) 1064 except KeyError: 1065 logger.warning('Failed to read %s', image_path) 1066 return '' 1067 prop_file = GetBootImageBuildProp(boot_img, ramdisk_format=ramdisk_format) 1068 if prop_file is None: 1069 return '' 1070 with open(prop_file, "r") as f: 1071 return f.read() 1072 1073 @staticmethod 1074 def _ReadPartitionPropFile(input_file, name): 1075 """ 1076 Read build.prop for name from input_file. 1077 Return empty string if not found. 1078 """ 1079 data = '' 1080 for prop_file in ['{}/etc/build.prop'.format(name.upper()), 1081 '{}/build.prop'.format(name.upper())]: 1082 try: 1083 data = ReadFromInputFile(input_file, prop_file) 1084 break 1085 except KeyError: 1086 logger.warning('Failed to read %s', prop_file) 1087 if data == '': 1088 logger.warning("Failed to read build.prop for partition {}".format(name)) 1089 return data 1090 1091 @staticmethod 1092 def FromBuildPropFile(name, build_prop_file): 1093 """Constructs an instance from a build prop file.""" 1094 1095 props = PartitionBuildProps("unknown", name) 1096 with open(build_prop_file) as f: 1097 props._LoadBuildProp(f.read()) 1098 return props 1099 1100 def _LoadBuildProp(self, data): 1101 for line in data.split('\n'): 1102 line = line.strip() 1103 if not line or line.startswith("#"): 1104 continue 1105 if line.startswith("import"): 1106 overrides = self._ImportParser(line) 1107 duplicates = self.prop_overrides.intersection(overrides.keys()) 1108 if duplicates: 1109 raise ValueError('prop {} is overridden multiple times'.format( 1110 ','.join(duplicates))) 1111 self.prop_overrides = self.prop_overrides.union(overrides.keys()) 1112 self.build_props.update(overrides) 1113 elif "=" in line: 1114 name, value = line.split("=", 1) 1115 if name in self.prop_overrides: 1116 raise ValueError('prop {} is set again after overridden by import ' 1117 'statement'.format(name)) 1118 self.build_props[name] = value 1119 1120 def _ImportParser(self, line): 1121 """Parses the build prop in a given import statement.""" 1122 1123 tokens = line.split() 1124 if tokens[0] != 'import' or (len(tokens) != 2 and len(tokens) != 3): 1125 raise ValueError('Unrecognized import statement {}'.format(line)) 1126 1127 if len(tokens) == 3: 1128 logger.info("Import %s from %s, skip", tokens[2], tokens[1]) 1129 return {} 1130 1131 import_path = tokens[1] 1132 if not re.match(r'^/{}/.*\.prop$'.format(self.partition), import_path): 1133 logger.warn('Unrecognized import path {}'.format(line)) 1134 return {} 1135 1136 # We only recognize a subset of import statement that the init process 1137 # supports. And we can loose the restriction based on how the dynamic 1138 # fingerprint is used in practice. The placeholder format should be 1139 # ${placeholder}, and its value should be provided by the caller through 1140 # the placeholder_values. 1141 for prop, value in self.placeholder_values.items(): 1142 prop_place_holder = '${{{}}}'.format(prop) 1143 if prop_place_holder in import_path: 1144 import_path = import_path.replace(prop_place_holder, value) 1145 if '$' in import_path: 1146 logger.info('Unresolved place holder in import path %s', import_path) 1147 return {} 1148 1149 import_path = import_path.replace('/{}'.format(self.partition), 1150 self.partition.upper()) 1151 logger.info('Parsing build props override from %s', import_path) 1152 1153 lines = ReadFromInputFile(self.input_file, import_path).split('\n') 1154 d = LoadDictionaryFromLines(lines) 1155 return {key: val for key, val in d.items() 1156 if key in self.props_allow_override} 1157 1158 def __getstate__(self): 1159 state = self.__dict__.copy() 1160 # Don't pickle baz 1161 if "input_file" in state and isinstance(state["input_file"], zipfile.ZipFile): 1162 state["input_file"] = state["input_file"].filename 1163 return state 1164 1165 def GetProp(self, prop): 1166 return self.build_props.get(prop) 1167 1168 1169def LoadRecoveryFSTab(read_helper, fstab_version, recovery_fstab_path): 1170 class Partition(object): 1171 def __init__(self, mount_point, fs_type, device, length, context, slotselect): 1172 self.mount_point = mount_point 1173 self.fs_type = fs_type 1174 self.device = device 1175 self.length = length 1176 self.context = context 1177 self.slotselect = slotselect 1178 1179 try: 1180 data = read_helper(recovery_fstab_path) 1181 except KeyError: 1182 logger.warning("Failed to find %s", recovery_fstab_path) 1183 data = "" 1184 1185 assert fstab_version == 2 1186 1187 d = {} 1188 for line in data.split("\n"): 1189 line = line.strip() 1190 if not line or line.startswith("#"): 1191 continue 1192 1193 # <src> <mnt_point> <type> <mnt_flags and options> <fs_mgr_flags> 1194 pieces = line.split() 1195 if len(pieces) != 5: 1196 raise ValueError("malformed recovery.fstab line: \"%s\"" % (line,)) 1197 1198 # Ignore entries that are managed by vold. 1199 options = pieces[4] 1200 if "voldmanaged=" in options: 1201 continue 1202 1203 # It's a good line, parse it. 1204 length = 0 1205 slotselect = False 1206 options = options.split(",") 1207 for i in options: 1208 if i.startswith("length="): 1209 length = int(i[7:]) 1210 elif i == "slotselect": 1211 slotselect = True 1212 else: 1213 # Ignore all unknown options in the unified fstab. 1214 continue 1215 1216 mount_flags = pieces[3] 1217 # Honor the SELinux context if present. 1218 context = None 1219 for i in mount_flags.split(","): 1220 if i.startswith("context="): 1221 context = i 1222 1223 mount_point = pieces[1] 1224 d[mount_point] = Partition(mount_point=mount_point, fs_type=pieces[2], 1225 device=pieces[0], length=length, context=context, 1226 slotselect=slotselect) 1227 1228 return d 1229 1230 1231def _FindAndLoadRecoveryFstab(info_dict, input_file, read_helper): 1232 """Finds the path to recovery fstab and loads its contents.""" 1233 # recovery fstab is only meaningful when installing an update via recovery 1234 # (i.e. non-A/B OTA). Skip loading fstab if device used A/B OTA. 1235 if info_dict.get('ab_update') == 'true' and \ 1236 info_dict.get("allow_non_ab") != "true": 1237 return None 1238 1239 # We changed recovery.fstab path in Q, from ../RAMDISK/etc/recovery.fstab to 1240 # ../RAMDISK/system/etc/recovery.fstab. This function has to handle both 1241 # cases, since it may load the info_dict from an old build (e.g. when 1242 # generating incremental OTAs from that build). 1243 if info_dict.get('no_recovery') != 'true': 1244 recovery_fstab_path = 'RECOVERY/RAMDISK/system/etc/recovery.fstab' 1245 if not DoesInputFileContain(input_file, recovery_fstab_path): 1246 recovery_fstab_path = 'RECOVERY/RAMDISK/etc/recovery.fstab' 1247 return LoadRecoveryFSTab( 1248 read_helper, info_dict['fstab_version'], recovery_fstab_path) 1249 1250 if info_dict.get('recovery_as_boot') == 'true': 1251 recovery_fstab_path = 'BOOT/RAMDISK/system/etc/recovery.fstab' 1252 if not DoesInputFileContain(input_file, recovery_fstab_path): 1253 recovery_fstab_path = 'BOOT/RAMDISK/etc/recovery.fstab' 1254 return LoadRecoveryFSTab( 1255 read_helper, info_dict['fstab_version'], recovery_fstab_path) 1256 1257 return None 1258 1259 1260def DumpInfoDict(d): 1261 for k, v in sorted(d.items()): 1262 logger.info("%-25s = (%s) %s", k, type(v).__name__, v) 1263 1264 1265def MergeDynamicPartitionInfoDicts(framework_dict, vendor_dict): 1266 """Merges dynamic partition info variables. 1267 1268 Args: 1269 framework_dict: The dictionary of dynamic partition info variables from the 1270 partial framework target files. 1271 vendor_dict: The dictionary of dynamic partition info variables from the 1272 partial vendor target files. 1273 1274 Returns: 1275 The merged dynamic partition info dictionary. 1276 """ 1277 1278 def uniq_concat(a, b): 1279 combined = set(a.split()) 1280 combined.update(set(b.split())) 1281 combined = [item.strip() for item in combined if item.strip()] 1282 return " ".join(sorted(combined)) 1283 1284 if (framework_dict.get("use_dynamic_partitions") != 1285 "true") or (vendor_dict.get("use_dynamic_partitions") != "true"): 1286 raise ValueError("Both dictionaries must have use_dynamic_partitions=true") 1287 1288 merged_dict = {"use_dynamic_partitions": "true"} 1289 # For keys-value pairs that are the same, copy to merged dict 1290 for key in vendor_dict.keys(): 1291 if key in framework_dict and framework_dict[key] == vendor_dict[key]: 1292 merged_dict[key] = vendor_dict[key] 1293 1294 merged_dict["dynamic_partition_list"] = uniq_concat( 1295 framework_dict.get("dynamic_partition_list", ""), 1296 vendor_dict.get("dynamic_partition_list", "")) 1297 1298 # Super block devices are defined by the vendor dict. 1299 if "super_block_devices" in vendor_dict: 1300 merged_dict["super_block_devices"] = vendor_dict["super_block_devices"] 1301 for block_device in merged_dict["super_block_devices"].split(): 1302 key = "super_%s_device_size" % block_device 1303 if key not in vendor_dict: 1304 raise ValueError("Vendor dict does not contain required key %s." % key) 1305 merged_dict[key] = vendor_dict[key] 1306 1307 # Partition groups and group sizes are defined by the vendor dict because 1308 # these values may vary for each board that uses a shared system image. 1309 merged_dict["super_partition_groups"] = vendor_dict["super_partition_groups"] 1310 for partition_group in merged_dict["super_partition_groups"].split(): 1311 # Set the partition group's size using the value from the vendor dict. 1312 key = "super_%s_group_size" % partition_group 1313 if key not in vendor_dict: 1314 raise ValueError("Vendor dict does not contain required key %s." % key) 1315 merged_dict[key] = vendor_dict[key] 1316 1317 # Set the partition group's partition list using a concatenation of the 1318 # framework and vendor partition lists. 1319 key = "super_%s_partition_list" % partition_group 1320 merged_dict[key] = uniq_concat( 1321 framework_dict.get(key, ""), vendor_dict.get(key, "")) 1322 # in the case that vendor is on s build, but is taking a v3 -> v3 vabc ota, we want to fallback to v2 1323 if "vabc_cow_version" not in vendor_dict or "vabc_cow_version" not in framework_dict: 1324 merged_dict["vabc_cow_version"] = '2' 1325 else: 1326 merged_dict["vabc_cow_version"] = min(vendor_dict["vabc_cow_version"], framework_dict["vabc_cow_version"]) 1327 # Various other flags should be copied from the vendor dict, if defined. 1328 for key in ("virtual_ab", "virtual_ab_retrofit", "lpmake", 1329 "super_metadata_device", "super_partition_error_limit", 1330 "super_partition_size"): 1331 if key in vendor_dict.keys(): 1332 merged_dict[key] = vendor_dict[key] 1333 1334 return merged_dict 1335 1336 1337def PartitionMapFromTargetFiles(target_files_dir): 1338 """Builds a map from partition -> path within an extracted target files directory.""" 1339 # Keep possible_subdirs in sync with build/make/core/board_config.mk. 1340 possible_subdirs = { 1341 "system": ["SYSTEM"], 1342 "vendor": ["VENDOR", "SYSTEM/vendor"], 1343 "product": ["PRODUCT", "SYSTEM/product"], 1344 "system_ext": ["SYSTEM_EXT", "SYSTEM/system_ext"], 1345 "odm": ["ODM", "VENDOR/odm", "SYSTEM/vendor/odm"], 1346 "vendor_dlkm": [ 1347 "VENDOR_DLKM", "VENDOR/vendor_dlkm", "SYSTEM/vendor/vendor_dlkm" 1348 ], 1349 "odm_dlkm": ["ODM_DLKM", "VENDOR/odm_dlkm", "SYSTEM/vendor/odm_dlkm"], 1350 "system_dlkm": ["SYSTEM_DLKM", "SYSTEM/system_dlkm"], 1351 } 1352 partition_map = {} 1353 for partition, subdirs in possible_subdirs.items(): 1354 for subdir in subdirs: 1355 if os.path.exists(os.path.join(target_files_dir, subdir)): 1356 partition_map[partition] = subdir 1357 break 1358 return partition_map 1359 1360 1361def SharedUidPartitionViolations(uid_dict, partition_groups): 1362 """Checks for APK sharedUserIds that cross partition group boundaries. 1363 1364 This uses a single or merged build's shareduid_violation_modules.json 1365 output file, as generated by find_shareduid_violation.py or 1366 core/tasks/find-shareduid-violation.mk. 1367 1368 An error is defined as a sharedUserId that is found in a set of partitions 1369 that span more than one partition group. 1370 1371 Args: 1372 uid_dict: A dictionary created by using the standard json module to read a 1373 complete shareduid_violation_modules.json file. 1374 partition_groups: A list of groups, where each group is a list of 1375 partitions. 1376 1377 Returns: 1378 A list of error messages. 1379 """ 1380 errors = [] 1381 for uid, partitions in uid_dict.items(): 1382 found_in_groups = [ 1383 group for group in partition_groups 1384 if set(partitions.keys()) & set(group) 1385 ] 1386 if len(found_in_groups) > 1: 1387 errors.append( 1388 "APK sharedUserId \"%s\" found across partition groups in partitions \"%s\"" 1389 % (uid, ",".join(sorted(partitions.keys())))) 1390 return errors 1391 1392 1393def RunHostInitVerifier(product_out, partition_map): 1394 """Runs host_init_verifier on the init rc files within partitions. 1395 1396 host_init_verifier searches the etc/init path within each partition. 1397 1398 Args: 1399 product_out: PRODUCT_OUT directory, containing partition directories. 1400 partition_map: A map of partition name -> relative path within product_out. 1401 """ 1402 allowed_partitions = ("system", "system_ext", "product", "vendor", "odm") 1403 cmd = ["host_init_verifier"] 1404 for partition, path in partition_map.items(): 1405 if partition not in allowed_partitions: 1406 raise ExternalError("Unable to call host_init_verifier for partition %s" % 1407 partition) 1408 cmd.extend(["--out_%s" % partition, os.path.join(product_out, path)]) 1409 # Add --property-contexts if the file exists on the partition. 1410 property_contexts = "%s_property_contexts" % ( 1411 "plat" if partition == "system" else partition) 1412 property_contexts_path = os.path.join(product_out, path, "etc", "selinux", 1413 property_contexts) 1414 if os.path.exists(property_contexts_path): 1415 cmd.append("--property-contexts=%s" % property_contexts_path) 1416 # Add the passwd file if the file exists on the partition. 1417 passwd_path = os.path.join(product_out, path, "etc", "passwd") 1418 if os.path.exists(passwd_path): 1419 cmd.extend(["-p", passwd_path]) 1420 return RunAndCheckOutput(cmd) 1421 1422 1423def AppendAVBSigningArgs(cmd, partition, avb_salt=None): 1424 """Append signing arguments for avbtool.""" 1425 # e.g., "--key path/to/signing_key --algorithm SHA256_RSA4096" 1426 key_path = ResolveAVBSigningPathArgs( 1427 OPTIONS.info_dict.get("avb_" + partition + "_key_path")) 1428 algorithm = OPTIONS.info_dict.get("avb_" + partition + "_algorithm") 1429 if key_path and algorithm: 1430 cmd.extend(["--key", key_path, "--algorithm", algorithm]) 1431 if avb_salt is None: 1432 avb_salt = OPTIONS.info_dict.get("avb_salt") 1433 # make_vbmeta_image doesn't like "--salt" (and it's not needed). 1434 if avb_salt and not partition.startswith("vbmeta"): 1435 cmd.extend(["--salt", avb_salt]) 1436 1437 1438def ResolveAVBSigningPathArgs(split_args): 1439 1440 def ResolveBinaryPath(path): 1441 if os.path.exists(path): 1442 return path 1443 if OPTIONS.search_path: 1444 new_path = os.path.join(OPTIONS.search_path, path) 1445 if os.path.exists(new_path): 1446 return new_path 1447 raise ExternalError( 1448 "Failed to find {}".format(path)) 1449 1450 if not split_args: 1451 return split_args 1452 1453 if isinstance(split_args, list): 1454 for index, arg in enumerate(split_args[:-1]): 1455 if arg == '--signing_helper': 1456 signing_helper_path = split_args[index + 1] 1457 split_args[index + 1] = ResolveBinaryPath(signing_helper_path) 1458 break 1459 elif isinstance(split_args, str): 1460 split_args = ResolveBinaryPath(split_args) 1461 1462 return split_args 1463 1464 1465def GetAvbPartitionArg(partition, image, info_dict=None): 1466 """Returns the VBMeta arguments for one partition. 1467 1468 It sets up the VBMeta argument by including the partition descriptor from the 1469 given 'image', or by configuring the partition as a chained partition. 1470 1471 Args: 1472 partition: The name of the partition (e.g. "system"). 1473 image: The path to the partition image. 1474 info_dict: A dict returned by common.LoadInfoDict(). Will use 1475 OPTIONS.info_dict if None has been given. 1476 1477 Returns: 1478 A list of VBMeta arguments for one partition. 1479 """ 1480 if info_dict is None: 1481 info_dict = OPTIONS.info_dict 1482 1483 # Check if chain partition is used. 1484 key_path = info_dict.get("avb_" + partition + "_key_path") 1485 if not key_path: 1486 return [AVB_ARG_NAME_INCLUDE_DESC_FROM_IMG, image] 1487 1488 # For a non-A/B device, we don't chain /recovery nor include its descriptor 1489 # into vbmeta.img. The recovery image will be configured on an independent 1490 # boot chain, to be verified with AVB_SLOT_VERIFY_FLAGS_NO_VBMETA_PARTITION. 1491 # See details at 1492 # https://android.googlesource.com/platform/external/avb/+/master/README.md#booting-into-recovery. 1493 if info_dict.get("ab_update") != "true" and partition == "recovery": 1494 return [] 1495 1496 # Otherwise chain the partition into vbmeta. 1497 chained_partition_arg = GetAvbChainedPartitionArg(partition, info_dict) 1498 return [AVB_ARG_NAME_CHAIN_PARTITION, chained_partition_arg] 1499 1500 1501def GetAvbPartitionsArg(partitions, 1502 resolve_rollback_index_location_conflict=False, 1503 info_dict=None): 1504 """Returns the VBMeta arguments for all AVB partitions. 1505 1506 It sets up the VBMeta argument by calling GetAvbPartitionArg of all 1507 partitions. 1508 1509 Args: 1510 partitions: A dict of all AVB partitions. 1511 resolve_rollback_index_location_conflict: If true, resolve conflicting avb 1512 rollback index locations by assigning the smallest unused value. 1513 info_dict: A dict returned by common.LoadInfoDict(). 1514 1515 Returns: 1516 A list of VBMeta arguments for all partitions. 1517 """ 1518 # An AVB partition will be linked into a vbmeta partition by either 1519 # AVB_ARG_NAME_INCLUDE_DESC_FROM_IMG or AVB_ARG_NAME_CHAIN_PARTITION, there 1520 # should be no other cases. 1521 valid_args = { 1522 AVB_ARG_NAME_INCLUDE_DESC_FROM_IMG: [], 1523 AVB_ARG_NAME_CHAIN_PARTITION: [] 1524 } 1525 1526 for partition, path in sorted(partitions.items()): 1527 avb_partition_arg = GetAvbPartitionArg(partition, path, info_dict) 1528 if not avb_partition_arg: 1529 continue 1530 arg_name, arg_value = avb_partition_arg 1531 assert arg_name in valid_args 1532 valid_args[arg_name].append(arg_value) 1533 1534 # Copy the arguments for non-chained AVB partitions directly without 1535 # intervention. 1536 avb_args = [] 1537 for image in valid_args[AVB_ARG_NAME_INCLUDE_DESC_FROM_IMG]: 1538 avb_args.extend([AVB_ARG_NAME_INCLUDE_DESC_FROM_IMG, image]) 1539 1540 # Handle chained AVB partitions. The rollback index location might be 1541 # adjusted if two partitions use the same value. This may happen when mixing 1542 # a shared system image with other vendor images. 1543 used_index_loc = set() 1544 for chained_partition_arg in valid_args[AVB_ARG_NAME_CHAIN_PARTITION]: 1545 if resolve_rollback_index_location_conflict: 1546 while chained_partition_arg.rollback_index_location in used_index_loc: 1547 chained_partition_arg.rollback_index_location += 1 1548 1549 used_index_loc.add(chained_partition_arg.rollback_index_location) 1550 avb_args.extend([AVB_ARG_NAME_CHAIN_PARTITION, 1551 chained_partition_arg.to_string()]) 1552 1553 return avb_args 1554 1555 1556def GetAvbChainedPartitionArg(partition, info_dict, key=None): 1557 """Constructs and returns the arg to build or verify a chained partition. 1558 1559 Args: 1560 partition: The partition name. 1561 info_dict: The info dict to look up the key info and rollback index 1562 location. 1563 key: The key to be used for building or verifying the partition. Defaults to 1564 the key listed in info_dict. 1565 1566 Returns: 1567 An AvbChainedPartitionArg object with rollback_index_location and 1568 pubkey_path that can be used to build or verify vbmeta image. 1569 """ 1570 if key is None: 1571 key = info_dict["avb_" + partition + "_key_path"] 1572 key = ResolveAVBSigningPathArgs(key) 1573 pubkey_path = ExtractAvbPublicKey(info_dict["avb_avbtool"], key) 1574 rollback_index_location = info_dict[ 1575 "avb_" + partition + "_rollback_index_location"] 1576 return AvbChainedPartitionArg( 1577 partition=partition, 1578 rollback_index_location=int(rollback_index_location), 1579 pubkey_path=pubkey_path) 1580 1581 1582def BuildVBMeta(image_path, partitions, name, needed_partitions, 1583 resolve_rollback_index_location_conflict=False): 1584 """Creates a VBMeta image. 1585 1586 It generates the requested VBMeta image. The requested image could be for 1587 top-level or chained VBMeta image, which is determined based on the name. 1588 1589 Args: 1590 image_path: The output path for the new VBMeta image. 1591 partitions: A dict that's keyed by partition names with image paths as 1592 values. Only valid partition names are accepted, as partitions listed 1593 in common.AVB_PARTITIONS and custom partitions listed in 1594 OPTIONS.info_dict.get("avb_custom_images_partition_list") 1595 name: Name of the VBMeta partition, e.g. 'vbmeta', 'vbmeta_system'. 1596 needed_partitions: Partitions whose descriptors should be included into the 1597 generated VBMeta image. 1598 resolve_rollback_index_location_conflict: If true, resolve conflicting avb 1599 rollback index locations by assigning the smallest unused value. 1600 1601 Raises: 1602 AssertionError: On invalid input args. 1603 """ 1604 avbtool = OPTIONS.info_dict["avb_avbtool"] 1605 cmd = [avbtool, "make_vbmeta_image", "--output", image_path] 1606 AppendAVBSigningArgs(cmd, name) 1607 1608 custom_partitions = OPTIONS.info_dict.get( 1609 "avb_custom_images_partition_list", "").strip().split() 1610 custom_avb_partitions = ["vbmeta_" + part for part in OPTIONS.info_dict.get( 1611 "avb_custom_vbmeta_images_partition_list", "").strip().split()] 1612 1613 avb_partitions = {} 1614 for partition, path in sorted(partitions.items()): 1615 if partition not in needed_partitions: 1616 continue 1617 assert (partition in AVB_PARTITIONS or 1618 partition in AVB_VBMETA_PARTITIONS or 1619 partition in custom_avb_partitions or 1620 partition in custom_partitions), \ 1621 'Unknown partition: {}'.format(partition) 1622 assert os.path.exists(path), \ 1623 'Failed to find {} for {}'.format(path, partition) 1624 avb_partitions[partition] = path 1625 cmd.extend(GetAvbPartitionsArg(avb_partitions, 1626 resolve_rollback_index_location_conflict)) 1627 1628 args = OPTIONS.info_dict.get("avb_{}_args".format(name)) 1629 if args and args.strip(): 1630 split_args = shlex.split(args) 1631 for index, arg in enumerate(split_args[:-1]): 1632 # Check that the image file exists. Some images might be defined 1633 # as a path relative to source tree, which may not be available at the 1634 # same location when running this script (we have the input target_files 1635 # zip only). For such cases, we additionally scan other locations (e.g. 1636 # IMAGES/, RADIO/, etc) before bailing out. 1637 if arg == AVB_ARG_NAME_INCLUDE_DESC_FROM_IMG: 1638 chained_image = split_args[index + 1] 1639 if os.path.exists(chained_image): 1640 continue 1641 found = False 1642 for dir_name in ['IMAGES', 'RADIO', 'PREBUILT_IMAGES']: 1643 alt_path = os.path.join( 1644 OPTIONS.input_tmp, dir_name, os.path.basename(chained_image)) 1645 if os.path.exists(alt_path): 1646 split_args[index + 1] = alt_path 1647 found = True 1648 break 1649 assert found, 'Failed to find {}'.format(chained_image) 1650 1651 split_args = ResolveAVBSigningPathArgs(split_args) 1652 cmd.extend(split_args) 1653 1654 RunAndCheckOutput(cmd) 1655 1656 1657def _MakeRamdisk(sourcedir, fs_config_file=None, 1658 dev_node_file=None, 1659 ramdisk_format=RamdiskFormat.GZ): 1660 ramdisk_img = tempfile.NamedTemporaryFile() 1661 1662 cmd = ["mkbootfs"] 1663 1664 if fs_config_file and os.access(fs_config_file, os.F_OK): 1665 cmd.extend(["-f", fs_config_file]) 1666 1667 if dev_node_file and os.access(dev_node_file, os.F_OK): 1668 cmd.extend(["-n", dev_node_file]) 1669 1670 cmd.append(os.path.join(sourcedir, "RAMDISK")) 1671 1672 p1 = Run(cmd, stdout=subprocess.PIPE) 1673 if ramdisk_format == RamdiskFormat.LZ4: 1674 p2 = Run(["lz4", "-l", "-12", "--favor-decSpeed"], stdin=p1.stdout, 1675 stdout=ramdisk_img.file.fileno()) 1676 elif ramdisk_format == RamdiskFormat.GZ: 1677 p2 = Run(["gzip"], stdin=p1.stdout, stdout=ramdisk_img.file.fileno()) 1678 else: 1679 raise ValueError("Only support lz4 or gzip ramdisk format.") 1680 1681 p2.wait() 1682 p1.wait() 1683 assert p1.returncode == 0, "mkbootfs of %s ramdisk failed" % (sourcedir,) 1684 assert p2.returncode == 0, "compression of %s ramdisk failed" % (sourcedir,) 1685 1686 return ramdisk_img 1687 1688 1689def _BuildBootableImage(image_name, sourcedir, fs_config_file, 1690 dev_node_file=None, info_dict=None, 1691 has_ramdisk=False, two_step_image=False): 1692 """Build a bootable image from the specified sourcedir. 1693 1694 Take a kernel, cmdline, and optionally a ramdisk directory from the input (in 1695 'sourcedir'), and turn them into a boot image. 'two_step_image' indicates if 1696 we are building a two-step special image (i.e. building a recovery image to 1697 be loaded into /boot in two-step OTAs). 1698 1699 Return the image data, or None if sourcedir does not appear to contains files 1700 for building the requested image. 1701 """ 1702 1703 if info_dict is None: 1704 info_dict = OPTIONS.info_dict 1705 1706 # "boot" or "recovery", without extension. 1707 partition_name = os.path.basename(sourcedir).lower() 1708 1709 kernel = None 1710 if partition_name == "recovery": 1711 if info_dict.get("exclude_kernel_from_recovery_image") == "true": 1712 logger.info("Excluded kernel binary from recovery image.") 1713 else: 1714 kernel = "kernel" 1715 elif partition_name == "init_boot": 1716 pass 1717 else: 1718 kernel = image_name.replace("boot", "kernel") 1719 kernel = kernel.replace(".img", "") 1720 if kernel and not os.access(os.path.join(sourcedir, kernel), os.F_OK): 1721 return None 1722 1723 kernel_path = os.path.join(sourcedir, kernel) if kernel else None 1724 1725 if has_ramdisk and not os.access(os.path.join(sourcedir, "RAMDISK"), os.F_OK): 1726 return None 1727 1728 img = tempfile.NamedTemporaryFile() 1729 1730 if has_ramdisk: 1731 ramdisk_format = GetRamdiskFormat(info_dict) 1732 ramdisk_img = _MakeRamdisk(sourcedir, fs_config_file, dev_node_file, 1733 ramdisk_format=ramdisk_format) 1734 1735 # use MKBOOTIMG from environ, or "mkbootimg" if empty or not set 1736 mkbootimg = os.getenv('MKBOOTIMG') or "mkbootimg" 1737 1738 cmd = [mkbootimg] 1739 if kernel_path is not None: 1740 cmd.extend(["--kernel", kernel_path]) 1741 1742 fn = os.path.join(sourcedir, "second") 1743 if os.access(fn, os.F_OK): 1744 cmd.append("--second") 1745 cmd.append(fn) 1746 1747 fn = os.path.join(sourcedir, "dtb") 1748 if os.access(fn, os.F_OK): 1749 cmd.append("--dtb") 1750 cmd.append(fn) 1751 1752 fn = os.path.join(sourcedir, "cmdline") 1753 if os.access(fn, os.F_OK): 1754 cmd.append("--cmdline") 1755 cmd.append(open(fn).read().rstrip("\n")) 1756 1757 fn = os.path.join(sourcedir, "base") 1758 if os.access(fn, os.F_OK): 1759 cmd.append("--base") 1760 cmd.append(open(fn).read().rstrip("\n")) 1761 1762 fn = os.path.join(sourcedir, "pagesize") 1763 if os.access(fn, os.F_OK): 1764 cmd.append("--pagesize") 1765 cmd.append(open(fn).read().rstrip("\n")) 1766 1767 if partition_name == "recovery": 1768 args = info_dict.get("recovery_mkbootimg_args") 1769 if not args: 1770 # Fall back to "mkbootimg_args" for recovery image 1771 # in case "recovery_mkbootimg_args" is not set. 1772 args = info_dict.get("mkbootimg_args") 1773 elif partition_name == "init_boot": 1774 args = info_dict.get("mkbootimg_init_args") 1775 else: 1776 args = info_dict.get("mkbootimg_args") 1777 if args and args.strip(): 1778 cmd.extend(shlex.split(args)) 1779 1780 args = info_dict.get("mkbootimg_version_args") 1781 if args and args.strip(): 1782 cmd.extend(shlex.split(args)) 1783 1784 if has_ramdisk: 1785 cmd.extend(["--ramdisk", ramdisk_img.name]) 1786 1787 img_unsigned = None 1788 if info_dict.get("vboot"): 1789 img_unsigned = tempfile.NamedTemporaryFile() 1790 cmd.extend(["--output", img_unsigned.name]) 1791 else: 1792 cmd.extend(["--output", img.name]) 1793 1794 if partition_name == "recovery": 1795 if info_dict.get("include_recovery_dtbo") == "true": 1796 fn = os.path.join(sourcedir, "recovery_dtbo") 1797 cmd.extend(["--recovery_dtbo", fn]) 1798 if info_dict.get("include_recovery_acpio") == "true": 1799 fn = os.path.join(sourcedir, "recovery_acpio") 1800 cmd.extend(["--recovery_acpio", fn]) 1801 1802 RunAndCheckOutput(cmd) 1803 1804 # Sign the image if vboot is non-empty. 1805 if info_dict.get("vboot"): 1806 path = "/" + partition_name 1807 img_keyblock = tempfile.NamedTemporaryFile() 1808 # We have switched from the prebuilt futility binary to using the tool 1809 # (futility-host) built from the source. Override the setting in the old 1810 # TF.zip. 1811 futility = info_dict["futility"] 1812 if futility.startswith("prebuilts/"): 1813 futility = "futility-host" 1814 cmd = [info_dict["vboot_signer_cmd"], futility, 1815 img_unsigned.name, info_dict["vboot_key"] + ".vbpubk", 1816 info_dict["vboot_key"] + ".vbprivk", 1817 info_dict["vboot_subkey"] + ".vbprivk", 1818 img_keyblock.name, 1819 img.name] 1820 RunAndCheckOutput(cmd) 1821 1822 # Clean up the temp files. 1823 img_unsigned.close() 1824 img_keyblock.close() 1825 1826 # AVB: if enabled, calculate and add hash to boot.img or recovery.img. 1827 if info_dict.get("avb_enable") == "true": 1828 avbtool = info_dict["avb_avbtool"] 1829 if partition_name == "recovery": 1830 part_size = info_dict["recovery_size"] 1831 else: 1832 part_size = info_dict[image_name.replace(".img", "_size")] 1833 cmd = [avbtool, "add_hash_footer", "--image", img.name, 1834 "--partition_size", str(part_size), "--partition_name", 1835 partition_name] 1836 salt = None 1837 if kernel_path is not None: 1838 with open(kernel_path, "rb") as fp: 1839 salt = sha256(fp.read()).hexdigest() 1840 AppendAVBSigningArgs(cmd, partition_name, salt) 1841 args = info_dict.get("avb_" + partition_name + "_add_hash_footer_args") 1842 if args and args.strip(): 1843 split_args = ResolveAVBSigningPathArgs(shlex.split(args)) 1844 cmd.extend(split_args) 1845 RunAndCheckOutput(cmd) 1846 1847 img.seek(os.SEEK_SET, 0) 1848 data = img.read() 1849 1850 if has_ramdisk: 1851 ramdisk_img.close() 1852 img.close() 1853 1854 return data 1855 1856 1857def _SignBootableImage(image_path, prebuilt_name, partition_name, 1858 info_dict=None): 1859 """Performs AVB signing for a prebuilt boot.img. 1860 1861 Args: 1862 image_path: The full path of the image, e.g., /path/to/boot.img. 1863 prebuilt_name: The prebuilt image name, e.g., boot.img, boot-5.4-gz.img, 1864 boot-5.10.img, recovery.img or init_boot.img. 1865 partition_name: The partition name, e.g., 'boot', 'init_boot' or 'recovery'. 1866 info_dict: The information dict read from misc_info.txt. 1867 """ 1868 if info_dict is None: 1869 info_dict = OPTIONS.info_dict 1870 1871 # AVB: if enabled, calculate and add hash to boot.img or recovery.img. 1872 if info_dict.get("avb_enable") == "true": 1873 avbtool = info_dict["avb_avbtool"] 1874 if partition_name == "recovery": 1875 part_size = info_dict["recovery_size"] 1876 else: 1877 part_size = info_dict[prebuilt_name.replace(".img", "_size")] 1878 1879 cmd = [avbtool, "add_hash_footer", "--image", image_path, 1880 "--partition_size", str(part_size), "--partition_name", 1881 partition_name] 1882 # Use sha256 of the kernel as salt for reproducible builds 1883 with tempfile.TemporaryDirectory() as tmpdir: 1884 RunAndCheckOutput(["unpack_bootimg", "--boot_img", image_path, "--out", tmpdir]) 1885 for filename in ["kernel", "ramdisk", "vendor_ramdisk00"]: 1886 path = os.path.join(tmpdir, filename) 1887 if os.path.exists(path) and os.path.getsize(path): 1888 print("Using {} as salt for avb footer of {}".format( 1889 filename, partition_name)) 1890 with open(path, "rb") as fp: 1891 salt = sha256(fp.read()).hexdigest() 1892 break 1893 AppendAVBSigningArgs(cmd, partition_name, salt) 1894 args = info_dict.get("avb_" + partition_name + "_add_hash_footer_args") 1895 if args and args.strip(): 1896 split_args = ResolveAVBSigningPathArgs(shlex.split(args)) 1897 cmd.extend(split_args) 1898 RunAndCheckOutput(cmd) 1899 1900 1901def HasRamdisk(partition_name, info_dict=None): 1902 """Returns true/false to see if a bootable image should have a ramdisk. 1903 1904 Args: 1905 partition_name: The partition name, e.g., 'boot', 'init_boot' or 'recovery'. 1906 info_dict: The information dict read from misc_info.txt. 1907 """ 1908 if info_dict is None: 1909 info_dict = OPTIONS.info_dict 1910 1911 if partition_name != "boot": 1912 return True # init_boot.img or recovery.img has a ramdisk. 1913 1914 if info_dict.get("recovery_as_boot") == "true": 1915 return True # the recovery-as-boot boot.img has a RECOVERY ramdisk. 1916 1917 if info_dict.get("gki_boot_image_without_ramdisk") == "true": 1918 return False # A GKI boot.img has no ramdisk since Android-13. 1919 1920 if info_dict.get("init_boot") == "true": 1921 # The ramdisk is moved to the init_boot.img, so there is NO 1922 # ramdisk in the boot.img or boot-<kernel version>.img. 1923 return False 1924 1925 return True 1926 1927 1928def GetBootableImage(name, prebuilt_name, unpack_dir, tree_subdir, 1929 info_dict=None, two_step_image=False, 1930 dev_nodes=False): 1931 """Return a File object with the desired bootable image. 1932 1933 Look for it in 'unpack_dir'/BOOTABLE_IMAGES under the name 'prebuilt_name', 1934 otherwise look for it under 'unpack_dir'/IMAGES, otherwise construct it from 1935 the source files in 'unpack_dir'/'tree_subdir'.""" 1936 1937 if info_dict is None: 1938 info_dict = OPTIONS.info_dict 1939 1940 prebuilt_path = os.path.join(unpack_dir, "BOOTABLE_IMAGES", prebuilt_name) 1941 if os.path.exists(prebuilt_path): 1942 logger.info("using prebuilt %s from BOOTABLE_IMAGES...", prebuilt_name) 1943 return File.FromLocalFile(name, prebuilt_path) 1944 1945 prebuilt_path = os.path.join(unpack_dir, "IMAGES", prebuilt_name) 1946 if os.path.exists(prebuilt_path): 1947 logger.info("using prebuilt %s from IMAGES...", prebuilt_name) 1948 return File.FromLocalFile(name, prebuilt_path) 1949 1950 partition_name = tree_subdir.lower() 1951 prebuilt_path = os.path.join(unpack_dir, "PREBUILT_IMAGES", prebuilt_name) 1952 if os.path.exists(prebuilt_path): 1953 logger.info("Re-signing prebuilt %s from PREBUILT_IMAGES...", prebuilt_name) 1954 signed_img = MakeTempFile() 1955 shutil.copy(prebuilt_path, signed_img) 1956 _SignBootableImage(signed_img, prebuilt_name, partition_name, info_dict) 1957 return File.FromLocalFile(name, signed_img) 1958 1959 logger.info("building image from target_files %s...", tree_subdir) 1960 1961 has_ramdisk = HasRamdisk(partition_name, info_dict) 1962 1963 fs_config = "META/" + tree_subdir.lower() + "_filesystem_config.txt" 1964 data = _BuildBootableImage(prebuilt_name, os.path.join(unpack_dir, tree_subdir), 1965 os.path.join(unpack_dir, fs_config), 1966 os.path.join(unpack_dir, 'META/ramdisk_node_list') 1967 if dev_nodes else None, 1968 info_dict, has_ramdisk, two_step_image) 1969 if data: 1970 return File(name, data) 1971 return None 1972 1973 1974def _BuildVendorBootImage(sourcedir, fs_config_file, partition_name, info_dict=None): 1975 """Build a vendor boot image from the specified sourcedir. 1976 1977 Take a ramdisk, dtb, and vendor_cmdline from the input (in 'sourcedir'), and 1978 turn them into a vendor boot image. 1979 1980 Return the image data, or None if sourcedir does not appear to contains files 1981 for building the requested image. 1982 """ 1983 1984 if info_dict is None: 1985 info_dict = OPTIONS.info_dict 1986 1987 img = tempfile.NamedTemporaryFile() 1988 1989 ramdisk_format = GetRamdiskFormat(info_dict) 1990 ramdisk_img = _MakeRamdisk(sourcedir, fs_config_file=fs_config_file, ramdisk_format=ramdisk_format) 1991 1992 # use MKBOOTIMG from environ, or "mkbootimg" if empty or not set 1993 mkbootimg = os.getenv('MKBOOTIMG') or "mkbootimg" 1994 1995 cmd = [mkbootimg] 1996 1997 fn = os.path.join(sourcedir, "dtb") 1998 if os.access(fn, os.F_OK): 1999 has_vendor_kernel_boot = (info_dict.get( 2000 "vendor_kernel_boot", "").lower() == "true") 2001 2002 # Pack dtb into vendor_kernel_boot if building vendor_kernel_boot. 2003 # Otherwise pack dtb into vendor_boot. 2004 if not has_vendor_kernel_boot or partition_name == "vendor_kernel_boot": 2005 cmd.append("--dtb") 2006 cmd.append(fn) 2007 2008 fn = os.path.join(sourcedir, "vendor_cmdline") 2009 if os.access(fn, os.F_OK): 2010 cmd.append("--vendor_cmdline") 2011 cmd.append(open(fn).read().rstrip("\n")) 2012 2013 fn = os.path.join(sourcedir, "base") 2014 if os.access(fn, os.F_OK): 2015 cmd.append("--base") 2016 cmd.append(open(fn).read().rstrip("\n")) 2017 2018 fn = os.path.join(sourcedir, "pagesize") 2019 if os.access(fn, os.F_OK): 2020 cmd.append("--pagesize") 2021 cmd.append(open(fn).read().rstrip("\n")) 2022 2023 args = info_dict.get("mkbootimg_args") 2024 if args and args.strip(): 2025 cmd.extend(shlex.split(args)) 2026 2027 args = info_dict.get("mkbootimg_version_args") 2028 if args and args.strip(): 2029 cmd.extend(shlex.split(args)) 2030 2031 cmd.extend(["--vendor_ramdisk", ramdisk_img.name]) 2032 cmd.extend(["--vendor_boot", img.name]) 2033 2034 fn = os.path.join(sourcedir, "vendor_bootconfig") 2035 if os.access(fn, os.F_OK): 2036 cmd.append("--vendor_bootconfig") 2037 cmd.append(fn) 2038 2039 ramdisk_fragment_imgs = [] 2040 fn = os.path.join(sourcedir, "vendor_ramdisk_fragments") 2041 if os.access(fn, os.F_OK): 2042 ramdisk_fragments = shlex.split(open(fn).read().rstrip("\n")) 2043 for ramdisk_fragment in ramdisk_fragments: 2044 fn = os.path.join(sourcedir, "RAMDISK_FRAGMENTS", 2045 ramdisk_fragment, "mkbootimg_args") 2046 cmd.extend(shlex.split(open(fn).read().rstrip("\n"))) 2047 fn = os.path.join(sourcedir, "RAMDISK_FRAGMENTS", 2048 ramdisk_fragment, "prebuilt_ramdisk") 2049 # Use prebuilt image if found, else create ramdisk from supplied files. 2050 if os.access(fn, os.F_OK): 2051 ramdisk_fragment_pathname = fn 2052 else: 2053 ramdisk_fragment_root = os.path.join( 2054 sourcedir, "RAMDISK_FRAGMENTS", ramdisk_fragment) 2055 ramdisk_fragment_img = _MakeRamdisk(ramdisk_fragment_root, 2056 ramdisk_format=ramdisk_format) 2057 ramdisk_fragment_imgs.append(ramdisk_fragment_img) 2058 ramdisk_fragment_pathname = ramdisk_fragment_img.name 2059 cmd.extend(["--vendor_ramdisk_fragment", ramdisk_fragment_pathname]) 2060 2061 RunAndCheckOutput(cmd) 2062 2063 # AVB: if enabled, calculate and add hash. 2064 if info_dict.get("avb_enable") == "true": 2065 avbtool = info_dict["avb_avbtool"] 2066 part_size = info_dict[f'{partition_name}_size'] 2067 cmd = [avbtool, "add_hash_footer", "--image", img.name, 2068 "--partition_size", str(part_size), "--partition_name", partition_name] 2069 AppendAVBSigningArgs(cmd, partition_name) 2070 args = info_dict.get(f'avb_{partition_name}_add_hash_footer_args') 2071 if args and args.strip(): 2072 split_args = ResolveAVBSigningPathArgs(shlex.split(args)) 2073 cmd.extend(split_args) 2074 RunAndCheckOutput(cmd) 2075 2076 img.seek(os.SEEK_SET, 0) 2077 data = img.read() 2078 2079 for f in ramdisk_fragment_imgs: 2080 f.close() 2081 ramdisk_img.close() 2082 img.close() 2083 2084 return data 2085 2086 2087def GetVendorBootImage(name, prebuilt_name, unpack_dir, tree_subdir, 2088 info_dict=None): 2089 """Return a File object with the desired vendor boot image. 2090 2091 Look for it under 'unpack_dir'/IMAGES, otherwise construct it from 2092 the source files in 'unpack_dir'/'tree_subdir'.""" 2093 2094 prebuilt_path = os.path.join(unpack_dir, "IMAGES", prebuilt_name) 2095 if os.path.exists(prebuilt_path): 2096 logger.info("using prebuilt %s from IMAGES...", prebuilt_name) 2097 return File.FromLocalFile(name, prebuilt_path) 2098 2099 logger.info("building image from target_files %s...", tree_subdir) 2100 2101 if info_dict is None: 2102 info_dict = OPTIONS.info_dict 2103 2104 fs_config = "META/" + tree_subdir.lower() + "_filesystem_config.txt" 2105 data = _BuildVendorBootImage( 2106 os.path.join(unpack_dir, tree_subdir), os.path.join(unpack_dir, fs_config), "vendor_boot", info_dict) 2107 if data: 2108 return File(name, data) 2109 return None 2110 2111 2112def GetVendorKernelBootImage(name, prebuilt_name, unpack_dir, tree_subdir, 2113 info_dict=None): 2114 """Return a File object with the desired vendor kernel boot image. 2115 2116 Look for it under 'unpack_dir'/IMAGES, otherwise construct it from 2117 the source files in 'unpack_dir'/'tree_subdir'.""" 2118 2119 prebuilt_path = os.path.join(unpack_dir, "IMAGES", prebuilt_name) 2120 if os.path.exists(prebuilt_path): 2121 logger.info("using prebuilt %s from IMAGES...", prebuilt_name) 2122 return File.FromLocalFile(name, prebuilt_path) 2123 2124 logger.info("building image from target_files %s...", tree_subdir) 2125 2126 if info_dict is None: 2127 info_dict = OPTIONS.info_dict 2128 2129 data = _BuildVendorBootImage( 2130 os.path.join(unpack_dir, tree_subdir), None, "vendor_kernel_boot", info_dict) 2131 if data: 2132 return File(name, data) 2133 return None 2134 2135 2136def Gunzip(in_filename, out_filename): 2137 """Gunzips the given gzip compressed file to a given output file.""" 2138 with gzip.open(in_filename, "rb") as in_file, \ 2139 open(out_filename, "wb") as out_file: 2140 shutil.copyfileobj(in_file, out_file) 2141 2142 2143def UnzipSingleFile(input_zip: zipfile.ZipFile, info: zipfile.ZipInfo, dirname: str): 2144 # According to https://stackoverflow.com/questions/434641/how-do-i-set-permissions-attributes-on-a-file-in-a-zip-file-using-pythons-zip/6297838#6297838 2145 # higher bits of |external_attr| are unix file permission and types 2146 unix_filetype = info.external_attr >> 16 2147 file_perm = unix_filetype & 0o777 2148 2149 def CheckMask(a, mask): 2150 return (a & mask) == mask 2151 2152 def IsSymlink(a): 2153 return CheckMask(a, stat.S_IFLNK) 2154 2155 def IsDir(a): 2156 return CheckMask(a, stat.S_IFDIR) 2157 # python3.11 zipfile implementation doesn't handle symlink correctly 2158 if not IsSymlink(unix_filetype): 2159 target = input_zip.extract(info, dirname) 2160 # We want to ensure that the file is at least read/writable by owner and readable by all users 2161 if IsDir(unix_filetype): 2162 os.chmod(target, file_perm | 0o755) 2163 else: 2164 os.chmod(target, file_perm | 0o644) 2165 return target 2166 if dirname is None: 2167 dirname = os.getcwd() 2168 target = os.path.join(dirname, info.filename) 2169 os.makedirs(os.path.dirname(target), exist_ok=True) 2170 if os.path.exists(target): 2171 os.unlink(target) 2172 os.symlink(input_zip.read(info).decode(), target) 2173 return target 2174 2175 2176def UnzipToDir(filename, dirname, patterns=None): 2177 """Unzips the archive to the given directory. 2178 2179 Args: 2180 filename: The name of the zip file to unzip. 2181 dirname: Where the unziped files will land. 2182 patterns: Files to unzip from the archive. If omitted, will unzip the entire 2183 archvie. Non-matching patterns will be filtered out. If there's no match 2184 after the filtering, no file will be unzipped. 2185 """ 2186 with zipfile.ZipFile(filename, allowZip64=True, mode="r") as input_zip: 2187 # Filter out non-matching patterns. unzip will complain otherwise. 2188 entries = input_zip.infolist() 2189 # b/283033491 2190 # Per https://en.wikipedia.org/wiki/ZIP_(file_format)#Central_directory_file_header 2191 # In zip64 mode, central directory record's header_offset field might be 2192 # set to 0xFFFFFFFF if header offset is > 2^32. In this case, the extra 2193 # fields will contain an 8 byte little endian integer at offset 20 2194 # to indicate the actual local header offset. 2195 # As of python3.11, python does not handle zip64 central directories 2196 # correctly, so we will manually do the parsing here. 2197 2198 # ZIP64 central directory extra field has two required fields: 2199 # 2 bytes header ID and 2 bytes size field. Thes two require fields have 2200 # a total size of 4 bytes. Then it has three other 8 bytes field, followed 2201 # by a 4 byte disk number field. The last disk number field is not required 2202 # to be present, but if it is present, the total size of extra field will be 2203 # divisible by 8(because 2+2+4+8*n is always going to be multiple of 8) 2204 # Most extra fields are optional, but when they appear, their must appear 2205 # in the order defined by zip64 spec. Since file header offset is the 2nd 2206 # to last field in zip64 spec, it will only be at last 8 bytes or last 12-4 2207 # bytes, depending on whether disk number is present. 2208 for entry in entries: 2209 if entry.header_offset == 0xFFFFFFFF: 2210 if len(entry.extra) % 8 == 0: 2211 entry.header_offset = int.from_bytes(entry.extra[-12:-4], "little") 2212 else: 2213 entry.header_offset = int.from_bytes(entry.extra[-8:], "little") 2214 if patterns is not None: 2215 filtered = [info for info in entries if any( 2216 [fnmatch.fnmatch(info.filename, p) for p in patterns])] 2217 2218 # There isn't any matching files. Don't unzip anything. 2219 if not filtered: 2220 return 2221 for info in filtered: 2222 UnzipSingleFile(input_zip, info, dirname) 2223 else: 2224 for info in entries: 2225 UnzipSingleFile(input_zip, info, dirname) 2226 2227 2228def UnzipTemp(filename, patterns=None): 2229 """Unzips the given archive into a temporary directory and returns the name. 2230 2231 Args: 2232 filename: If filename is of the form "foo.zip+bar.zip", unzip foo.zip into 2233 a temp dir, then unzip bar.zip into that_dir/BOOTABLE_IMAGES. 2234 2235 patterns: Files to unzip from the archive. If omitted, will unzip the entire 2236 archvie. 2237 2238 Returns: 2239 The name of the temporary directory. 2240 """ 2241 2242 tmp = MakeTempDir(prefix="targetfiles-") 2243 m = re.match(r"^(.*[.]zip)\+(.*[.]zip)$", filename, re.IGNORECASE) 2244 if m: 2245 UnzipToDir(m.group(1), tmp, patterns) 2246 UnzipToDir(m.group(2), os.path.join(tmp, "BOOTABLE_IMAGES"), patterns) 2247 filename = m.group(1) 2248 else: 2249 UnzipToDir(filename, tmp, patterns) 2250 2251 return tmp 2252 2253 2254def GetUserImage(which, tmpdir, input_zip, 2255 info_dict=None, 2256 allow_shared_blocks=None, 2257 reset_file_map=False): 2258 """Returns an Image object suitable for passing to BlockImageDiff. 2259 2260 This function loads the specified image from the given path. If the specified 2261 image is sparse, it also performs additional processing for OTA purpose. For 2262 example, it always adds block 0 to clobbered blocks list. It also detects 2263 files that cannot be reconstructed from the block list, for whom we should 2264 avoid applying imgdiff. 2265 2266 Args: 2267 which: The partition name. 2268 tmpdir: The directory that contains the prebuilt image and block map file. 2269 input_zip: The target-files ZIP archive. 2270 info_dict: The dict to be looked up for relevant info. 2271 allow_shared_blocks: If image is sparse, whether having shared blocks is 2272 allowed. If none, it is looked up from info_dict. 2273 reset_file_map: If true and image is sparse, reset file map before returning 2274 the image. 2275 Returns: 2276 A Image object. If it is a sparse image and reset_file_map is False, the 2277 image will have file_map info loaded. 2278 """ 2279 if info_dict is None: 2280 info_dict = LoadInfoDict(input_zip) 2281 2282 is_sparse = IsSparseImage(os.path.join(tmpdir, "IMAGES", which + ".img")) 2283 2284 # When target uses 'BOARD_EXT4_SHARE_DUP_BLOCKS := true', images may contain 2285 # shared blocks (i.e. some blocks will show up in multiple files' block 2286 # list). We can only allocate such shared blocks to the first "owner", and 2287 # disable imgdiff for all later occurrences. 2288 if allow_shared_blocks is None: 2289 allow_shared_blocks = info_dict.get("ext4_share_dup_blocks") == "true" 2290 2291 if is_sparse: 2292 img = GetSparseImage(which, tmpdir, input_zip, allow_shared_blocks) 2293 if reset_file_map: 2294 img.ResetFileMap() 2295 return img 2296 return GetNonSparseImage(which, tmpdir) 2297 2298 2299def GetNonSparseImage(which, tmpdir): 2300 """Returns a Image object suitable for passing to BlockImageDiff. 2301 2302 This function loads the specified non-sparse image from the given path. 2303 2304 Args: 2305 which: The partition name. 2306 tmpdir: The directory that contains the prebuilt image and block map file. 2307 Returns: 2308 A Image object. 2309 """ 2310 path = os.path.join(tmpdir, "IMAGES", which + ".img") 2311 mappath = os.path.join(tmpdir, "IMAGES", which + ".map") 2312 2313 # The image and map files must have been created prior to calling 2314 # ota_from_target_files.py (since LMP). 2315 assert os.path.exists(path) and os.path.exists(mappath) 2316 2317 return images.FileImage(path) 2318 2319 2320def GetSparseImage(which, tmpdir, input_zip, allow_shared_blocks): 2321 """Returns a SparseImage object suitable for passing to BlockImageDiff. 2322 2323 This function loads the specified sparse image from the given path, and 2324 performs additional processing for OTA purpose. For example, it always adds 2325 block 0 to clobbered blocks list. It also detects files that cannot be 2326 reconstructed from the block list, for whom we should avoid applying imgdiff. 2327 2328 Args: 2329 which: The partition name, e.g. "system", "vendor". 2330 tmpdir: The directory that contains the prebuilt image and block map file. 2331 input_zip: The target-files ZIP archive. 2332 allow_shared_blocks: Whether having shared blocks is allowed. 2333 Returns: 2334 A SparseImage object, with file_map info loaded. 2335 """ 2336 path = os.path.join(tmpdir, "IMAGES", which + ".img") 2337 mappath = os.path.join(tmpdir, "IMAGES", which + ".map") 2338 2339 # The image and map files must have been created prior to calling 2340 # ota_from_target_files.py (since LMP). 2341 assert os.path.exists(path) and os.path.exists(mappath) 2342 2343 # In ext4 filesystems, block 0 might be changed even being mounted R/O. We add 2344 # it to clobbered_blocks so that it will be written to the target 2345 # unconditionally. Note that they are still part of care_map. (Bug: 20939131) 2346 clobbered_blocks = "0" 2347 2348 image = sparse_img.SparseImage( 2349 path, mappath, clobbered_blocks, allow_shared_blocks=allow_shared_blocks) 2350 2351 # block.map may contain less blocks, because mke2fs may skip allocating blocks 2352 # if they contain all zeros. We can't reconstruct such a file from its block 2353 # list. Tag such entries accordingly. (Bug: 65213616) 2354 for entry in image.file_map: 2355 # Skip artificial names, such as "__ZERO", "__NONZERO-1". 2356 if not entry.startswith('/'): 2357 continue 2358 2359 # "/system/framework/am.jar" => "SYSTEM/framework/am.jar". Note that the 2360 # filename listed in system.map may contain an additional leading slash 2361 # (i.e. "//system/framework/am.jar"). Using lstrip to get consistent 2362 # results. 2363 # And handle another special case, where files not under /system 2364 # (e.g. "/sbin/charger") are packed under ROOT/ in a target_files.zip. 2365 arcname = entry.lstrip('/') 2366 if which == 'system' and not arcname.startswith('system'): 2367 arcname = 'ROOT/' + arcname 2368 else: 2369 arcname = arcname.replace(which, which.upper(), 1) 2370 2371 assert arcname in input_zip.namelist(), \ 2372 "Failed to find the ZIP entry for {}".format(entry) 2373 2374 info = input_zip.getinfo(arcname) 2375 ranges = image.file_map[entry] 2376 2377 # If a RangeSet has been tagged as using shared blocks while loading the 2378 # image, check the original block list to determine its completeness. Note 2379 # that the 'incomplete' flag would be tagged to the original RangeSet only. 2380 if ranges.extra.get('uses_shared_blocks'): 2381 ranges = ranges.extra['uses_shared_blocks'] 2382 2383 if RoundUpTo4K(info.file_size) > ranges.size() * 4096: 2384 ranges.extra['incomplete'] = True 2385 2386 return image 2387 2388 2389def GetKeyPasswords(keylist): 2390 """Given a list of keys, prompt the user to enter passwords for 2391 those which require them. Return a {key: password} dict. password 2392 will be None if the key has no password.""" 2393 2394 no_passwords = [] 2395 need_passwords = [] 2396 key_passwords = {} 2397 devnull = open("/dev/null", "w+b") 2398 2399 # sorted() can't compare strings to None, so convert Nones to strings 2400 for k in sorted(keylist, key=lambda x: x if x is not None else ""): 2401 # We don't need a password for things that aren't really keys. 2402 if k in SPECIAL_CERT_STRINGS or k is None: 2403 no_passwords.append(k) 2404 continue 2405 2406 p = Run(["openssl", "pkcs8", "-in", k+OPTIONS.private_key_suffix, 2407 "-inform", "DER", "-nocrypt"], 2408 stdin=devnull.fileno(), 2409 stdout=devnull.fileno(), 2410 stderr=subprocess.STDOUT) 2411 p.communicate() 2412 if p.returncode == 0: 2413 # Definitely an unencrypted key. 2414 no_passwords.append(k) 2415 else: 2416 p = Run(["openssl", "pkcs8", "-in", k+OPTIONS.private_key_suffix, 2417 "-inform", "DER", "-passin", "pass:"], 2418 stdin=devnull.fileno(), 2419 stdout=devnull.fileno(), 2420 stderr=subprocess.PIPE) 2421 _, stderr = p.communicate() 2422 if p.returncode == 0: 2423 # Encrypted key with empty string as password. 2424 key_passwords[k] = '' 2425 elif stderr.startswith('Error decrypting key'): 2426 # Definitely encrypted key. 2427 # It would have said "Error reading key" if it didn't parse correctly. 2428 need_passwords.append(k) 2429 else: 2430 # Potentially, a type of key that openssl doesn't understand. 2431 # We'll let the routines in signapk.jar handle it. 2432 no_passwords.append(k) 2433 devnull.close() 2434 2435 key_passwords.update(PasswordManager().GetPasswords(need_passwords)) 2436 key_passwords.update(dict.fromkeys(no_passwords)) 2437 return key_passwords 2438 2439 2440def GetMinSdkVersion(apk_name): 2441 """Gets the minSdkVersion declared in the APK. 2442 2443 It calls OPTIONS.aapt2_path to query the embedded minSdkVersion from the given 2444 APK file. This can be both a decimal number (API Level) or a codename. 2445 2446 Args: 2447 apk_name: The APK filename. 2448 2449 Returns: 2450 The parsed SDK version string. 2451 2452 Raises: 2453 ExternalError: On failing to obtain the min SDK version. 2454 """ 2455 proc = Run( 2456 [OPTIONS.aapt2_path, "dump", "badging", apk_name], stdout=subprocess.PIPE, 2457 stderr=subprocess.PIPE) 2458 stdoutdata, stderrdata = proc.communicate() 2459 if proc.returncode != 0: 2460 raise ExternalError( 2461 "Failed to obtain minSdkVersion for {}: aapt2 return code {}:\n{}\n{}".format( 2462 apk_name, proc.returncode, stdoutdata, stderrdata)) 2463 2464 for line in stdoutdata.split("\n"): 2465 # Due to ag/24161708, looking for lines such as minSdkVersion:'23',minSdkVersion:'M' 2466 # or sdkVersion:'23', sdkVersion:'M'. 2467 m = re.match(r'(?:minSdkVersion|sdkVersion):\'([^\']*)\'', line) 2468 if m: 2469 return m.group(1) 2470 raise ExternalError("No minSdkVersion returned by aapt2 for apk: {}".format(apk_name)) 2471 2472 2473def GetMinSdkVersionInt(apk_name, codename_to_api_level_map): 2474 """Returns the minSdkVersion declared in the APK as a number (API Level). 2475 2476 If minSdkVersion is set to a codename, it is translated to a number using the 2477 provided map. 2478 2479 Args: 2480 apk_name: The APK filename. 2481 2482 Returns: 2483 The parsed SDK version number. 2484 2485 Raises: 2486 ExternalError: On failing to get the min SDK version number. 2487 """ 2488 version = GetMinSdkVersion(apk_name) 2489 try: 2490 return int(version) 2491 except ValueError: 2492 # Not a decimal number. 2493 # 2494 # It could be either a straight codename, e.g. 2495 # UpsideDownCake 2496 # 2497 # Or a codename with API fingerprint SHA, e.g. 2498 # UpsideDownCake.e7d3947f14eb9dc4fec25ff6c5f8563e 2499 # 2500 # Extract the codename and try and map it to a version number. 2501 split = version.split(".") 2502 codename = split[0] 2503 if codename in codename_to_api_level_map: 2504 return codename_to_api_level_map[codename] 2505 raise ExternalError( 2506 "Unknown codename: '{}' from minSdkVersion: '{}'. Known codenames: {}".format( 2507 codename, version, codename_to_api_level_map)) 2508 2509 2510def SignFile(input_name, output_name, key, password, min_api_level=None, 2511 codename_to_api_level_map=None, whole_file=False, 2512 extra_signapk_args=None): 2513 """Sign the input_name zip/jar/apk, producing output_name. Use the 2514 given key and password (the latter may be None if the key does not 2515 have a password. 2516 2517 If whole_file is true, use the "-w" option to SignApk to embed a 2518 signature that covers the whole file in the archive comment of the 2519 zip file. 2520 2521 min_api_level is the API Level (int) of the oldest platform this file may end 2522 up on. If not specified for an APK, the API Level is obtained by interpreting 2523 the minSdkVersion attribute of the APK's AndroidManifest.xml. 2524 2525 codename_to_api_level_map is needed to translate the codename which may be 2526 encountered as the APK's minSdkVersion. 2527 2528 Caller may optionally specify extra args to be passed to SignApk, which 2529 defaults to OPTIONS.extra_signapk_args if omitted. 2530 """ 2531 if codename_to_api_level_map is None: 2532 codename_to_api_level_map = {} 2533 if extra_signapk_args is None: 2534 extra_signapk_args = OPTIONS.extra_signapk_args 2535 2536 java_library_path = os.path.join( 2537 OPTIONS.search_path, OPTIONS.signapk_shared_library_path) 2538 2539 cmd = ([OPTIONS.java_path] + OPTIONS.java_args + 2540 ["-Djava.library.path=" + java_library_path, 2541 "-jar", os.path.join(OPTIONS.search_path, OPTIONS.signapk_path)] + 2542 extra_signapk_args) 2543 if whole_file: 2544 cmd.append("-w") 2545 2546 min_sdk_version = min_api_level 2547 if min_sdk_version is None: 2548 if not whole_file: 2549 min_sdk_version = GetMinSdkVersionInt( 2550 input_name, codename_to_api_level_map) 2551 if min_sdk_version is not None: 2552 cmd.extend(["--min-sdk-version", str(min_sdk_version)]) 2553 2554 cmd.extend([key + OPTIONS.public_key_suffix, 2555 key + OPTIONS.private_key_suffix, 2556 input_name, output_name]) 2557 2558 proc = Run(cmd, stdin=subprocess.PIPE) 2559 if password is not None: 2560 password += "\n" 2561 stdoutdata, _ = proc.communicate(password) 2562 if proc.returncode != 0: 2563 raise ExternalError( 2564 "Failed to run {}: return code {}:\n{}".format(cmd, 2565 proc.returncode, stdoutdata)) 2566 2567 2568def CheckSize(data, target, info_dict): 2569 """Checks the data string passed against the max size limit. 2570 2571 For non-AVB images, raise exception if the data is too big. Print a warning 2572 if the data is nearing the maximum size. 2573 2574 For AVB images, the actual image size should be identical to the limit. 2575 2576 Args: 2577 data: A string that contains all the data for the partition. 2578 target: The partition name. The ".img" suffix is optional. 2579 info_dict: The dict to be looked up for relevant info. 2580 """ 2581 if target.endswith(".img"): 2582 target = target[:-4] 2583 mount_point = "/" + target 2584 2585 fs_type = None 2586 limit = None 2587 if info_dict["fstab"]: 2588 if mount_point == "/userdata": 2589 mount_point = "/data" 2590 p = info_dict["fstab"][mount_point] 2591 fs_type = p.fs_type 2592 device = p.device 2593 if "/" in device: 2594 device = device[device.rfind("/")+1:] 2595 limit = info_dict.get(device + "_size", 0) 2596 if isinstance(limit, str): 2597 limit = int(limit, 0) 2598 if not fs_type or not limit: 2599 return 2600 2601 size = len(data) 2602 # target could be 'userdata' or 'cache'. They should follow the non-AVB image 2603 # path. 2604 if info_dict.get("avb_enable") == "true" and target in AVB_PARTITIONS: 2605 if size != limit: 2606 raise ExternalError( 2607 "Mismatching image size for %s: expected %d actual %d" % ( 2608 target, limit, size)) 2609 else: 2610 pct = float(size) * 100.0 / limit 2611 msg = "%s size (%d) is %.2f%% of limit (%d)" % (target, size, pct, limit) 2612 if pct >= 99.0: 2613 raise ExternalError(msg) 2614 2615 if pct >= 95.0: 2616 logger.warning("\n WARNING: %s\n", msg) 2617 else: 2618 logger.info(" %s", msg) 2619 2620 2621def ReadApkCerts(tf_zip): 2622 """Parses the APK certs info from a given target-files zip. 2623 2624 Given a target-files ZipFile, parses the META/apkcerts.txt entry and returns a 2625 tuple with the following elements: (1) a dictionary that maps packages to 2626 certs (based on the "certificate" and "private_key" attributes in the file; 2627 (2) a string representing the extension of compressed APKs in the target files 2628 (e.g ".gz", ".bro"). 2629 2630 Args: 2631 tf_zip: The input target_files ZipFile (already open). 2632 2633 Returns: 2634 (certmap, ext): certmap is a dictionary that maps packages to certs; ext is 2635 the extension string of compressed APKs (e.g. ".gz"), or None if there's 2636 no compressed APKs. 2637 """ 2638 certmap = {} 2639 compressed_extension = None 2640 2641 # META/apkcerts.txt contains the info for _all_ the packages known at build 2642 # time. Filter out the ones that are not installed. 2643 installed_files = set() 2644 for name in tf_zip.namelist(): 2645 basename = os.path.basename(name) 2646 if basename: 2647 installed_files.add(basename) 2648 2649 for line in tf_zip.read('META/apkcerts.txt').decode().split('\n'): 2650 line = line.strip() 2651 if not line: 2652 continue 2653 m = re.match( 2654 r'^name="(?P<NAME>.*)"\s+certificate="(?P<CERT>.*)"\s+' 2655 r'private_key="(?P<PRIVKEY>.*?)"(\s+compressed="(?P<COMPRESSED>.*?)")?' 2656 r'(\s+partition="(?P<PARTITION>.*?)")?$', 2657 line) 2658 if not m: 2659 continue 2660 2661 matches = m.groupdict() 2662 cert = matches["CERT"] 2663 privkey = matches["PRIVKEY"] 2664 name = matches["NAME"] 2665 this_compressed_extension = matches["COMPRESSED"] 2666 2667 public_key_suffix_len = len(OPTIONS.public_key_suffix) 2668 private_key_suffix_len = len(OPTIONS.private_key_suffix) 2669 if cert in SPECIAL_CERT_STRINGS and not privkey: 2670 certmap[name] = cert 2671 elif (cert.endswith(OPTIONS.public_key_suffix) and 2672 privkey.endswith(OPTIONS.private_key_suffix) and 2673 cert[:-public_key_suffix_len] == privkey[:-private_key_suffix_len]): 2674 certmap[name] = cert[:-public_key_suffix_len] 2675 else: 2676 raise ValueError("Failed to parse line from apkcerts.txt:\n" + line) 2677 2678 if not this_compressed_extension: 2679 continue 2680 2681 # Only count the installed files. 2682 filename = name + '.' + this_compressed_extension 2683 if filename not in installed_files: 2684 continue 2685 2686 # Make sure that all the values in the compression map have the same 2687 # extension. We don't support multiple compression methods in the same 2688 # system image. 2689 if compressed_extension: 2690 if this_compressed_extension != compressed_extension: 2691 raise ValueError( 2692 "Multiple compressed extensions: {} vs {}".format( 2693 compressed_extension, this_compressed_extension)) 2694 else: 2695 compressed_extension = this_compressed_extension 2696 2697 return (certmap, 2698 ("." + compressed_extension) if compressed_extension else None) 2699 2700 2701COMMON_DOCSTRING = """ 2702Global options 2703 2704 -p (--path) <dir> 2705 Prepend <dir>/bin to the list of places to search for binaries run by this 2706 script, and expect to find jars in <dir>/framework. 2707 2708 -s (--device_specific) <file> 2709 Path to the Python module containing device-specific releasetools code. 2710 2711 -x (--extra) <key=value> 2712 Add a key/value pair to the 'extras' dict, which device-specific extension 2713 code may look at. 2714 2715 -v (--verbose) 2716 Show command lines being executed. 2717 2718 -h (--help) 2719 Display this usage message and exit. 2720 2721 --logfile <file> 2722 Put verbose logs to specified file (regardless of --verbose option.) 2723""" 2724 2725 2726def Usage(docstring): 2727 print(docstring.rstrip("\n")) 2728 print(COMMON_DOCSTRING) 2729 2730 2731def ParseOptions(argv, 2732 docstring, 2733 extra_opts="", extra_long_opts=(), 2734 extra_option_handler: Iterable[OptionHandler] = None): 2735 """Parse the options in argv and return any arguments that aren't 2736 flags. docstring is the calling module's docstring, to be displayed 2737 for errors and -h. extra_opts and extra_long_opts are for flags 2738 defined by the caller, which are processed by passing them to 2739 extra_option_handler.""" 2740 extra_long_opts = list(extra_long_opts) 2741 if not isinstance(extra_option_handler, Iterable): 2742 extra_option_handler = [extra_option_handler] 2743 2744 for handler in extra_option_handler: 2745 if isinstance(handler, OptionHandler): 2746 extra_long_opts.extend(handler.extra_long_opts) 2747 2748 try: 2749 opts, args = getopt.getopt( 2750 argv, "hvp:s:x:" + extra_opts, 2751 ["help", "verbose", "path=", "signapk_path=", 2752 "signapk_shared_library_path=", "extra_signapk_args=", "aapt2_path=", 2753 "java_path=", "java_args=", "android_jar_path=", "public_key_suffix=", 2754 "private_key_suffix=", "boot_signer_path=", "boot_signer_args=", 2755 "verity_signer_path=", "verity_signer_args=", "device_specific=", 2756 "extra=", "logfile="] + list(extra_long_opts)) 2757 except getopt.GetoptError as err: 2758 Usage(docstring) 2759 print("**", str(err), "**") 2760 sys.exit(2) 2761 2762 for o, a in opts: 2763 if o in ("-h", "--help"): 2764 Usage(docstring) 2765 sys.exit() 2766 elif o in ("-v", "--verbose"): 2767 OPTIONS.verbose = True 2768 elif o in ("-p", "--path"): 2769 OPTIONS.search_path = a 2770 elif o in ("--signapk_path",): 2771 OPTIONS.signapk_path = a 2772 elif o in ("--signapk_shared_library_path",): 2773 OPTIONS.signapk_shared_library_path = a 2774 elif o in ("--extra_signapk_args",): 2775 OPTIONS.extra_signapk_args = shlex.split(a) 2776 elif o in ("--aapt2_path",): 2777 OPTIONS.aapt2_path = a 2778 elif o in ("--java_path",): 2779 OPTIONS.java_path = a 2780 elif o in ("--java_args",): 2781 OPTIONS.java_args = shlex.split(a) 2782 elif o in ("--android_jar_path",): 2783 OPTIONS.android_jar_path = a 2784 elif o in ("--public_key_suffix",): 2785 OPTIONS.public_key_suffix = a 2786 elif o in ("--private_key_suffix",): 2787 OPTIONS.private_key_suffix = a 2788 elif o in ("--boot_signer_path",): 2789 raise ValueError( 2790 "--boot_signer_path is no longer supported, please switch to AVB") 2791 elif o in ("--boot_signer_args",): 2792 raise ValueError( 2793 "--boot_signer_args is no longer supported, please switch to AVB") 2794 elif o in ("--verity_signer_path",): 2795 raise ValueError( 2796 "--verity_signer_path is no longer supported, please switch to AVB") 2797 elif o in ("--verity_signer_args",): 2798 raise ValueError( 2799 "--verity_signer_args is no longer supported, please switch to AVB") 2800 elif o in ("-s", "--device_specific"): 2801 OPTIONS.device_specific = a 2802 elif o in ("-x", "--extra"): 2803 key, value = a.split("=", 1) 2804 OPTIONS.extras[key] = value 2805 elif o in ("--logfile",): 2806 OPTIONS.logfile = a 2807 else: 2808 if extra_option_handler is None: 2809 raise ValueError("unknown option \"%s\"" % (o,)) 2810 success = False 2811 for handler in extra_option_handler: 2812 if isinstance(handler, OptionHandler): 2813 if handler.handler(o, a): 2814 success = True 2815 break 2816 elif handler(o, a): 2817 success = True 2818 if not success: 2819 raise ValueError("unknown option \"%s\"" % (o,)) 2820 2821 2822 if OPTIONS.search_path: 2823 os.environ["PATH"] = (os.path.join(OPTIONS.search_path, "bin") + 2824 os.pathsep + os.environ["PATH"]) 2825 2826 return args 2827 2828 2829def MakeTempFile(prefix='tmp', suffix=''): 2830 """Make a temp file and add it to the list of things to be deleted 2831 when Cleanup() is called. Return the filename.""" 2832 fd, fn = tempfile.mkstemp(prefix=prefix, suffix=suffix) 2833 os.close(fd) 2834 OPTIONS.tempfiles.append(fn) 2835 return fn 2836 2837 2838def MakeTempDir(prefix='tmp', suffix=''): 2839 """Makes a temporary dir that will be cleaned up with a call to Cleanup(). 2840 2841 Returns: 2842 The absolute pathname of the new directory. 2843 """ 2844 dir_name = tempfile.mkdtemp(suffix=suffix, prefix=prefix) 2845 OPTIONS.tempfiles.append(dir_name) 2846 return dir_name 2847 2848 2849def Cleanup(): 2850 for i in OPTIONS.tempfiles: 2851 if not os.path.exists(i): 2852 continue 2853 if os.path.isdir(i): 2854 shutil.rmtree(i, ignore_errors=True) 2855 else: 2856 os.remove(i) 2857 del OPTIONS.tempfiles[:] 2858 2859 2860class PasswordManager(object): 2861 def __init__(self): 2862 self.editor = os.getenv("EDITOR") 2863 self.pwfile = os.getenv("ANDROID_PW_FILE") 2864 2865 def GetPasswords(self, items): 2866 """Get passwords corresponding to each string in 'items', 2867 returning a dict. (The dict may have keys in addition to the 2868 values in 'items'.) 2869 2870 Uses the passwords in $ANDROID_PW_FILE if available, letting the 2871 user edit that file to add more needed passwords. If no editor is 2872 available, or $ANDROID_PW_FILE isn't define, prompts the user 2873 interactively in the ordinary way. 2874 """ 2875 2876 current = self.ReadFile() 2877 2878 first = True 2879 while True: 2880 missing = [] 2881 for i in items: 2882 if i not in current or not current[i]: 2883 missing.append(i) 2884 # Are all the passwords already in the file? 2885 if not missing: 2886 return current 2887 2888 for i in missing: 2889 current[i] = "" 2890 2891 if not first: 2892 print("key file %s still missing some passwords." % (self.pwfile,)) 2893 if sys.version_info[0] >= 3: 2894 raw_input = input # pylint: disable=redefined-builtin 2895 answer = raw_input("try to edit again? [y]> ").strip() 2896 if answer and answer[0] not in 'yY': 2897 raise RuntimeError("key passwords unavailable") 2898 first = False 2899 2900 current = self.UpdateAndReadFile(current) 2901 2902 def PromptResult(self, current): # pylint: disable=no-self-use 2903 """Prompt the user to enter a value (password) for each key in 2904 'current' whose value is fales. Returns a new dict with all the 2905 values. 2906 """ 2907 result = {} 2908 for k, v in sorted(current.items()): 2909 if v: 2910 result[k] = v 2911 else: 2912 while True: 2913 result[k] = getpass.getpass( 2914 "Enter password for %s key> " % k).strip() 2915 if result[k]: 2916 break 2917 return result 2918 2919 def UpdateAndReadFile(self, current): 2920 if not self.editor or not self.pwfile: 2921 return self.PromptResult(current) 2922 2923 f = open(self.pwfile, "w") 2924 os.chmod(self.pwfile, 0o600) 2925 f.write("# Enter key passwords between the [[[ ]]] brackets.\n") 2926 f.write("# (Additional spaces are harmless.)\n\n") 2927 2928 first_line = None 2929 sorted_list = sorted([(not v, k, v) for (k, v) in current.items()]) 2930 for i, (_, k, v) in enumerate(sorted_list): 2931 f.write("[[[ %s ]]] %s\n" % (v, k)) 2932 if not v and first_line is None: 2933 # position cursor on first line with no password. 2934 first_line = i + 4 2935 f.close() 2936 2937 RunAndCheckOutput([self.editor, "+%d" % (first_line,), self.pwfile]) 2938 2939 return self.ReadFile() 2940 2941 def ReadFile(self): 2942 result = {} 2943 if self.pwfile is None: 2944 return result 2945 try: 2946 f = open(self.pwfile, "r") 2947 for line in f: 2948 line = line.strip() 2949 if not line or line[0] == '#': 2950 continue 2951 m = re.match(r"^\[\[\[\s*(.*?)\s*\]\]\]\s*(\S+)$", line) 2952 if not m: 2953 logger.warning("Failed to parse password file: %s", line) 2954 else: 2955 result[m.group(2)] = m.group(1) 2956 f.close() 2957 except IOError as e: 2958 if e.errno != errno.ENOENT: 2959 logger.exception("Error reading password file:") 2960 return result 2961 2962 2963def ZipWrite(zip_file, filename, arcname=None, perms=0o644, 2964 compress_type=None): 2965 2966 # http://b/18015246 2967 # Python 2.7's zipfile implementation wrongly thinks that zip64 is required 2968 # for files larger than 2GiB. We can work around this by adjusting their 2969 # limit. Note that `zipfile.writestr()` will not work for strings larger than 2970 # 2GiB. The Python interpreter sometimes rejects strings that large (though 2971 # it isn't clear to me exactly what circumstances cause this). 2972 # `zipfile.write()` must be used directly to work around this. 2973 # 2974 # This mess can be avoided if we port to python3. 2975 saved_zip64_limit = zipfile.ZIP64_LIMIT 2976 zipfile.ZIP64_LIMIT = (1 << 32) - 1 2977 2978 if compress_type is None: 2979 compress_type = zip_file.compression 2980 if arcname is None: 2981 arcname = filename 2982 2983 saved_stat = os.stat(filename) 2984 2985 try: 2986 # `zipfile.write()` doesn't allow us to pass ZipInfo, so just modify the 2987 # file to be zipped and reset it when we're done. 2988 os.chmod(filename, perms) 2989 2990 # Use a fixed timestamp so the output is repeatable. 2991 # Note: Use of fromtimestamp rather than utcfromtimestamp here is 2992 # intentional. zip stores datetimes in local time without a time zone 2993 # attached, so we need "epoch" but in the local time zone to get 2009/01/01 2994 # in the zip archive. 2995 local_epoch = datetime.datetime.fromtimestamp(0) 2996 timestamp = (datetime.datetime(2009, 1, 1) - local_epoch).total_seconds() 2997 os.utime(filename, (timestamp, timestamp)) 2998 2999 zip_file.write(filename, arcname=arcname, compress_type=compress_type) 3000 finally: 3001 os.chmod(filename, saved_stat.st_mode) 3002 os.utime(filename, (saved_stat.st_atime, saved_stat.st_mtime)) 3003 zipfile.ZIP64_LIMIT = saved_zip64_limit 3004 3005 3006def ZipWriteStr(zip_file, zinfo_or_arcname, data, perms=None, 3007 compress_type=None): 3008 """Wrap zipfile.writestr() function to work around the zip64 limit. 3009 3010 Even with the ZIP64_LIMIT workaround, it won't allow writing a string 3011 longer than 2GiB. It gives 'OverflowError: size does not fit in an int' 3012 when calling crc32(bytes). 3013 3014 But it still works fine to write a shorter string into a large zip file. 3015 We should use ZipWrite() whenever possible, and only use ZipWriteStr() 3016 when we know the string won't be too long. 3017 """ 3018 3019 saved_zip64_limit = zipfile.ZIP64_LIMIT 3020 zipfile.ZIP64_LIMIT = (1 << 32) - 1 3021 3022 if not isinstance(zinfo_or_arcname, zipfile.ZipInfo): 3023 zinfo = zipfile.ZipInfo(filename=zinfo_or_arcname) 3024 zinfo.compress_type = zip_file.compression 3025 if perms is None: 3026 perms = 0o100644 3027 else: 3028 zinfo = zinfo_or_arcname 3029 # Python 2 and 3 behave differently when calling ZipFile.writestr() with 3030 # zinfo.external_attr being 0. Python 3 uses `0o600 << 16` as the value for 3031 # such a case (since 3032 # https://github.com/python/cpython/commit/18ee29d0b870caddc0806916ca2c823254f1a1f9), 3033 # which seems to make more sense. Otherwise the entry will have 0o000 as the 3034 # permission bits. We follow the logic in Python 3 to get consistent 3035 # behavior between using the two versions. 3036 if not zinfo.external_attr: 3037 zinfo.external_attr = 0o600 << 16 3038 3039 # If compress_type is given, it overrides the value in zinfo. 3040 if compress_type is not None: 3041 zinfo.compress_type = compress_type 3042 3043 # If perms is given, it has a priority. 3044 if perms is not None: 3045 # If perms doesn't set the file type, mark it as a regular file. 3046 if perms & 0o770000 == 0: 3047 perms |= 0o100000 3048 zinfo.external_attr = perms << 16 3049 3050 # Use a fixed timestamp so the output is repeatable. 3051 zinfo.date_time = (2009, 1, 1, 0, 0, 0) 3052 3053 zip_file.writestr(zinfo, data) 3054 zipfile.ZIP64_LIMIT = saved_zip64_limit 3055 3056def ZipExclude(input_zip, output_zip, entries, force=False): 3057 """Deletes entries from a ZIP file. 3058 3059 Args: 3060 zip_filename: The name of the ZIP file. 3061 entries: The name of the entry, or the list of names to be deleted. 3062 """ 3063 if isinstance(entries, str): 3064 entries = [entries] 3065 # If list is empty, nothing to do 3066 if not entries: 3067 shutil.copy(input_zip, output_zip) 3068 return 3069 3070 with zipfile.ZipFile(input_zip, 'r') as zin: 3071 if not force and len(set(zin.namelist()).intersection(entries)) == 0: 3072 raise ExternalError( 3073 "Failed to delete zip entries, name not matched: %s" % entries) 3074 3075 fd, new_zipfile = tempfile.mkstemp(dir=os.path.dirname(input_zip)) 3076 os.close(fd) 3077 cmd = ["zip2zip", "-i", input_zip, "-o", new_zipfile] 3078 for entry in entries: 3079 cmd.append("-x") 3080 cmd.append(entry) 3081 RunAndCheckOutput(cmd) 3082 os.replace(new_zipfile, output_zip) 3083 3084 3085def ZipDelete(zip_filename, entries, force=False): 3086 """Deletes entries from a ZIP file. 3087 3088 Args: 3089 zip_filename: The name of the ZIP file. 3090 entries: The name of the entry, or the list of names to be deleted. 3091 """ 3092 if isinstance(entries, str): 3093 entries = [entries] 3094 # If list is empty, nothing to do 3095 if not entries: 3096 return 3097 3098 ZipExclude(zip_filename, zip_filename, entries, force) 3099 3100 3101def ZipClose(zip_file): 3102 # http://b/18015246 3103 # zipfile also refers to ZIP64_LIMIT during close() when it writes out the 3104 # central directory. 3105 saved_zip64_limit = zipfile.ZIP64_LIMIT 3106 zipfile.ZIP64_LIMIT = (1 << 32) - 1 3107 3108 zip_file.close() 3109 3110 zipfile.ZIP64_LIMIT = saved_zip64_limit 3111 3112 3113class DeviceSpecificParams(object): 3114 module = None 3115 3116 def __init__(self, **kwargs): 3117 """Keyword arguments to the constructor become attributes of this 3118 object, which is passed to all functions in the device-specific 3119 module.""" 3120 for k, v in kwargs.items(): 3121 setattr(self, k, v) 3122 self.extras = OPTIONS.extras 3123 3124 if self.module is None: 3125 path = OPTIONS.device_specific 3126 if not path: 3127 return 3128 try: 3129 if os.path.isdir(path): 3130 info = imp.find_module("releasetools", [path]) 3131 else: 3132 d, f = os.path.split(path) 3133 b, x = os.path.splitext(f) 3134 if x == ".py": 3135 f = b 3136 info = imp.find_module(f, [d]) 3137 logger.info("loaded device-specific extensions from %s", path) 3138 self.module = imp.load_module("device_specific", *info) 3139 except ImportError: 3140 logger.info("unable to load device-specific module; assuming none") 3141 3142 def _DoCall(self, function_name, *args, **kwargs): 3143 """Call the named function in the device-specific module, passing 3144 the given args and kwargs. The first argument to the call will be 3145 the DeviceSpecific object itself. If there is no module, or the 3146 module does not define the function, return the value of the 3147 'default' kwarg (which itself defaults to None).""" 3148 if self.module is None or not hasattr(self.module, function_name): 3149 return kwargs.get("default") 3150 return getattr(self.module, function_name)(*((self,) + args), **kwargs) 3151 3152 def FullOTA_Assertions(self): 3153 """Called after emitting the block of assertions at the top of a 3154 full OTA package. Implementations can add whatever additional 3155 assertions they like.""" 3156 return self._DoCall("FullOTA_Assertions") 3157 3158 def FullOTA_InstallBegin(self): 3159 """Called at the start of full OTA installation.""" 3160 return self._DoCall("FullOTA_InstallBegin") 3161 3162 def FullOTA_GetBlockDifferences(self): 3163 """Called during full OTA installation and verification. 3164 Implementation should return a list of BlockDifference objects describing 3165 the update on each additional partitions. 3166 """ 3167 return self._DoCall("FullOTA_GetBlockDifferences") 3168 3169 def FullOTA_InstallEnd(self): 3170 """Called at the end of full OTA installation; typically this is 3171 used to install the image for the device's baseband processor.""" 3172 return self._DoCall("FullOTA_InstallEnd") 3173 3174 def IncrementalOTA_Assertions(self): 3175 """Called after emitting the block of assertions at the top of an 3176 incremental OTA package. Implementations can add whatever 3177 additional assertions they like.""" 3178 return self._DoCall("IncrementalOTA_Assertions") 3179 3180 def IncrementalOTA_VerifyBegin(self): 3181 """Called at the start of the verification phase of incremental 3182 OTA installation; additional checks can be placed here to abort 3183 the script before any changes are made.""" 3184 return self._DoCall("IncrementalOTA_VerifyBegin") 3185 3186 def IncrementalOTA_VerifyEnd(self): 3187 """Called at the end of the verification phase of incremental OTA 3188 installation; additional checks can be placed here to abort the 3189 script before any changes are made.""" 3190 return self._DoCall("IncrementalOTA_VerifyEnd") 3191 3192 def IncrementalOTA_InstallBegin(self): 3193 """Called at the start of incremental OTA installation (after 3194 verification is complete).""" 3195 return self._DoCall("IncrementalOTA_InstallBegin") 3196 3197 def IncrementalOTA_GetBlockDifferences(self): 3198 """Called during incremental OTA installation and verification. 3199 Implementation should return a list of BlockDifference objects describing 3200 the update on each additional partitions. 3201 """ 3202 return self._DoCall("IncrementalOTA_GetBlockDifferences") 3203 3204 def IncrementalOTA_InstallEnd(self): 3205 """Called at the end of incremental OTA installation; typically 3206 this is used to install the image for the device's baseband 3207 processor.""" 3208 return self._DoCall("IncrementalOTA_InstallEnd") 3209 3210 def VerifyOTA_Assertions(self): 3211 return self._DoCall("VerifyOTA_Assertions") 3212 3213 3214class File(object): 3215 def __init__(self, name, data, compress_size=None): 3216 self.name = name 3217 self.data = data 3218 self.size = len(data) 3219 self.compress_size = compress_size or self.size 3220 self.sha1 = sha1(data).hexdigest() 3221 3222 @classmethod 3223 def FromLocalFile(cls, name, diskname): 3224 f = open(diskname, "rb") 3225 data = f.read() 3226 f.close() 3227 return File(name, data) 3228 3229 def WriteToTemp(self): 3230 t = tempfile.NamedTemporaryFile() 3231 t.write(self.data) 3232 t.flush() 3233 return t 3234 3235 def WriteToDir(self, d): 3236 with open(os.path.join(d, self.name), "wb") as fp: 3237 fp.write(self.data) 3238 3239 def AddToZip(self, z, compression=None): 3240 ZipWriteStr(z, self.name, self.data, compress_type=compression) 3241 3242 3243DIFF_PROGRAM_BY_EXT = { 3244 ".gz": "imgdiff", 3245 ".zip": ["imgdiff", "-z"], 3246 ".jar": ["imgdiff", "-z"], 3247 ".apk": ["imgdiff", "-z"], 3248 ".img": "imgdiff", 3249} 3250 3251 3252class Difference(object): 3253 def __init__(self, tf, sf, diff_program=None): 3254 self.tf = tf 3255 self.sf = sf 3256 self.patch = None 3257 self.diff_program = diff_program 3258 3259 def ComputePatch(self): 3260 """Compute the patch (as a string of data) needed to turn sf into 3261 tf. Returns the same tuple as GetPatch().""" 3262 3263 tf = self.tf 3264 sf = self.sf 3265 3266 if self.diff_program: 3267 diff_program = self.diff_program 3268 else: 3269 ext = os.path.splitext(tf.name)[1] 3270 diff_program = DIFF_PROGRAM_BY_EXT.get(ext, "bsdiff") 3271 3272 ttemp = tf.WriteToTemp() 3273 stemp = sf.WriteToTemp() 3274 3275 ext = os.path.splitext(tf.name)[1] 3276 3277 try: 3278 ptemp = tempfile.NamedTemporaryFile() 3279 if isinstance(diff_program, list): 3280 cmd = copy.copy(diff_program) 3281 else: 3282 cmd = [diff_program] 3283 cmd.append(stemp.name) 3284 cmd.append(ttemp.name) 3285 cmd.append(ptemp.name) 3286 p = Run(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE) 3287 err = [] 3288 3289 def run(): 3290 _, e = p.communicate() 3291 if e: 3292 err.append(e) 3293 th = threading.Thread(target=run) 3294 th.start() 3295 th.join(timeout=300) # 5 mins 3296 if th.is_alive(): 3297 logger.warning("diff command timed out") 3298 p.terminate() 3299 th.join(5) 3300 if th.is_alive(): 3301 p.kill() 3302 th.join() 3303 3304 if p.returncode != 0: 3305 logger.warning("Failure running %s:\n%s\n", cmd, "".join(err)) 3306 self.patch = None 3307 return None, None, None 3308 diff = ptemp.read() 3309 finally: 3310 ptemp.close() 3311 stemp.close() 3312 ttemp.close() 3313 3314 self.patch = diff 3315 return self.tf, self.sf, self.patch 3316 3317 def GetPatch(self): 3318 """Returns a tuple of (target_file, source_file, patch_data). 3319 3320 patch_data may be None if ComputePatch hasn't been called, or if 3321 computing the patch failed. 3322 """ 3323 return self.tf, self.sf, self.patch 3324 3325 3326def ComputeDifferences(diffs): 3327 """Call ComputePatch on all the Difference objects in 'diffs'.""" 3328 logger.info("%d diffs to compute", len(diffs)) 3329 3330 # Do the largest files first, to try and reduce the long-pole effect. 3331 by_size = [(i.tf.size, i) for i in diffs] 3332 by_size.sort(reverse=True) 3333 by_size = [i[1] for i in by_size] 3334 3335 lock = threading.Lock() 3336 diff_iter = iter(by_size) # accessed under lock 3337 3338 def worker(): 3339 try: 3340 lock.acquire() 3341 for d in diff_iter: 3342 lock.release() 3343 start = time.time() 3344 d.ComputePatch() 3345 dur = time.time() - start 3346 lock.acquire() 3347 3348 tf, sf, patch = d.GetPatch() 3349 if sf.name == tf.name: 3350 name = tf.name 3351 else: 3352 name = "%s (%s)" % (tf.name, sf.name) 3353 if patch is None: 3354 logger.error("patching failed! %40s", name) 3355 else: 3356 logger.info( 3357 "%8.2f sec %8d / %8d bytes (%6.2f%%) %s", dur, len(patch), 3358 tf.size, 100.0 * len(patch) / tf.size, name) 3359 lock.release() 3360 except Exception: 3361 logger.exception("Failed to compute diff from worker") 3362 raise 3363 3364 # start worker threads; wait for them all to finish. 3365 threads = [threading.Thread(target=worker) 3366 for i in range(OPTIONS.worker_threads)] 3367 for th in threads: 3368 th.start() 3369 while threads: 3370 threads.pop().join() 3371 3372 3373class BlockDifference(object): 3374 def __init__(self, partition, tgt, src=None, check_first_block=False, 3375 version=None, disable_imgdiff=False): 3376 self.tgt = tgt 3377 self.src = src 3378 self.partition = partition 3379 self.check_first_block = check_first_block 3380 self.disable_imgdiff = disable_imgdiff 3381 3382 if version is None: 3383 version = max( 3384 int(i) for i in 3385 OPTIONS.info_dict.get("blockimgdiff_versions", "1").split(",")) 3386 assert version >= 3 3387 self.version = version 3388 3389 b = BlockImageDiff(tgt, src, threads=OPTIONS.worker_threads, 3390 version=self.version, 3391 disable_imgdiff=self.disable_imgdiff) 3392 self.path = os.path.join(MakeTempDir(), partition) 3393 b.Compute(self.path) 3394 self._required_cache = b.max_stashed_size 3395 self.touched_src_ranges = b.touched_src_ranges 3396 self.touched_src_sha1 = b.touched_src_sha1 3397 3398 # On devices with dynamic partitions, for new partitions, 3399 # src is None but OPTIONS.source_info_dict is not. 3400 if OPTIONS.source_info_dict is None: 3401 is_dynamic_build = OPTIONS.info_dict.get( 3402 "use_dynamic_partitions") == "true" 3403 is_dynamic_source = False 3404 else: 3405 is_dynamic_build = OPTIONS.source_info_dict.get( 3406 "use_dynamic_partitions") == "true" 3407 is_dynamic_source = partition in shlex.split( 3408 OPTIONS.source_info_dict.get("dynamic_partition_list", "").strip()) 3409 3410 is_dynamic_target = partition in shlex.split( 3411 OPTIONS.info_dict.get("dynamic_partition_list", "").strip()) 3412 3413 # For dynamic partitions builds, check partition list in both source 3414 # and target build because new partitions may be added, and existing 3415 # partitions may be removed. 3416 is_dynamic = is_dynamic_build and (is_dynamic_source or is_dynamic_target) 3417 3418 if is_dynamic: 3419 self.device = 'map_partition("%s")' % partition 3420 else: 3421 if OPTIONS.source_info_dict is None: 3422 _, device_expr = GetTypeAndDeviceExpr("/" + partition, 3423 OPTIONS.info_dict) 3424 else: 3425 _, device_expr = GetTypeAndDeviceExpr("/" + partition, 3426 OPTIONS.source_info_dict) 3427 self.device = device_expr 3428 3429 @property 3430 def required_cache(self): 3431 return self._required_cache 3432 3433 def WriteScript(self, script, output_zip, progress=None, 3434 write_verify_script=False): 3435 if not self.src: 3436 # write the output unconditionally 3437 script.Print("Patching %s image unconditionally..." % (self.partition,)) 3438 else: 3439 script.Print("Patching %s image after verification." % (self.partition,)) 3440 3441 if progress: 3442 script.ShowProgress(progress, 0) 3443 self._WriteUpdate(script, output_zip) 3444 3445 if write_verify_script: 3446 self.WritePostInstallVerifyScript(script) 3447 3448 def WriteStrictVerifyScript(self, script): 3449 """Verify all the blocks in the care_map, including clobbered blocks. 3450 3451 This differs from the WriteVerifyScript() function: a) it prints different 3452 error messages; b) it doesn't allow half-way updated images to pass the 3453 verification.""" 3454 3455 partition = self.partition 3456 script.Print("Verifying %s..." % (partition,)) 3457 ranges = self.tgt.care_map 3458 ranges_str = ranges.to_string_raw() 3459 script.AppendExtra( 3460 'range_sha1(%s, "%s") == "%s" && ui_print(" Verified.") || ' 3461 'ui_print("%s has unexpected contents.");' % ( 3462 self.device, ranges_str, 3463 self.tgt.TotalSha1(include_clobbered_blocks=True), 3464 self.partition)) 3465 script.AppendExtra("") 3466 3467 def WriteVerifyScript(self, script, touched_blocks_only=False): 3468 partition = self.partition 3469 3470 # full OTA 3471 if not self.src: 3472 script.Print("Image %s will be patched unconditionally." % (partition,)) 3473 3474 # incremental OTA 3475 else: 3476 if touched_blocks_only: 3477 ranges = self.touched_src_ranges 3478 expected_sha1 = self.touched_src_sha1 3479 else: 3480 ranges = self.src.care_map.subtract(self.src.clobbered_blocks) 3481 expected_sha1 = self.src.TotalSha1() 3482 3483 # No blocks to be checked, skipping. 3484 if not ranges: 3485 return 3486 3487 ranges_str = ranges.to_string_raw() 3488 script.AppendExtra( 3489 'if (range_sha1(%s, "%s") == "%s" || block_image_verify(%s, ' 3490 'package_extract_file("%s.transfer.list"), "%s.new.dat", ' 3491 '"%s.patch.dat")) then' % ( 3492 self.device, ranges_str, expected_sha1, 3493 self.device, partition, partition, partition)) 3494 script.Print('Verified %s image...' % (partition,)) 3495 script.AppendExtra('else') 3496 3497 if self.version >= 4: 3498 3499 # Bug: 21124327 3500 # When generating incrementals for the system and vendor partitions in 3501 # version 4 or newer, explicitly check the first block (which contains 3502 # the superblock) of the partition to see if it's what we expect. If 3503 # this check fails, give an explicit log message about the partition 3504 # having been remounted R/W (the most likely explanation). 3505 if self.check_first_block: 3506 script.AppendExtra('check_first_block(%s);' % (self.device,)) 3507 3508 # If version >= 4, try block recovery before abort update 3509 if partition == "system": 3510 code = ErrorCode.SYSTEM_RECOVER_FAILURE 3511 else: 3512 code = ErrorCode.VENDOR_RECOVER_FAILURE 3513 script.AppendExtra(( 3514 'ifelse (block_image_recover({device}, "{ranges}") && ' 3515 'block_image_verify({device}, ' 3516 'package_extract_file("{partition}.transfer.list"), ' 3517 '"{partition}.new.dat", "{partition}.patch.dat"), ' 3518 'ui_print("{partition} recovered successfully."), ' 3519 'abort("E{code}: {partition} partition fails to recover"));\n' 3520 'endif;').format(device=self.device, ranges=ranges_str, 3521 partition=partition, code=code)) 3522 3523 # Abort the OTA update. Note that the incremental OTA cannot be applied 3524 # even if it may match the checksum of the target partition. 3525 # a) If version < 3, operations like move and erase will make changes 3526 # unconditionally and damage the partition. 3527 # b) If version >= 3, it won't even reach here. 3528 else: 3529 if partition == "system": 3530 code = ErrorCode.SYSTEM_VERIFICATION_FAILURE 3531 else: 3532 code = ErrorCode.VENDOR_VERIFICATION_FAILURE 3533 script.AppendExtra(( 3534 'abort("E%d: %s partition has unexpected contents");\n' 3535 'endif;') % (code, partition)) 3536 3537 def WritePostInstallVerifyScript(self, script): 3538 partition = self.partition 3539 script.Print('Verifying the updated %s image...' % (partition,)) 3540 # Unlike pre-install verification, clobbered_blocks should not be ignored. 3541 ranges = self.tgt.care_map 3542 ranges_str = ranges.to_string_raw() 3543 script.AppendExtra( 3544 'if range_sha1(%s, "%s") == "%s" then' % ( 3545 self.device, ranges_str, 3546 self.tgt.TotalSha1(include_clobbered_blocks=True))) 3547 3548 # Bug: 20881595 3549 # Verify that extended blocks are really zeroed out. 3550 if self.tgt.extended: 3551 ranges_str = self.tgt.extended.to_string_raw() 3552 script.AppendExtra( 3553 'if range_sha1(%s, "%s") == "%s" then' % ( 3554 self.device, ranges_str, 3555 self._HashZeroBlocks(self.tgt.extended.size()))) 3556 script.Print('Verified the updated %s image.' % (partition,)) 3557 if partition == "system": 3558 code = ErrorCode.SYSTEM_NONZERO_CONTENTS 3559 else: 3560 code = ErrorCode.VENDOR_NONZERO_CONTENTS 3561 script.AppendExtra( 3562 'else\n' 3563 ' abort("E%d: %s partition has unexpected non-zero contents after ' 3564 'OTA update");\n' 3565 'endif;' % (code, partition)) 3566 else: 3567 script.Print('Verified the updated %s image.' % (partition,)) 3568 3569 if partition == "system": 3570 code = ErrorCode.SYSTEM_UNEXPECTED_CONTENTS 3571 else: 3572 code = ErrorCode.VENDOR_UNEXPECTED_CONTENTS 3573 3574 script.AppendExtra( 3575 'else\n' 3576 ' abort("E%d: %s partition has unexpected contents after OTA ' 3577 'update");\n' 3578 'endif;' % (code, partition)) 3579 3580 def _WriteUpdate(self, script, output_zip): 3581 ZipWrite(output_zip, 3582 '{}.transfer.list'.format(self.path), 3583 '{}.transfer.list'.format(self.partition)) 3584 3585 # For full OTA, compress the new.dat with brotli with quality 6 to reduce 3586 # its size. Quailty 9 almost triples the compression time but doesn't 3587 # further reduce the size too much. For a typical 1.8G system.new.dat 3588 # zip | brotli(quality 6) | brotli(quality 9) 3589 # compressed_size: 942M | 869M (~8% reduced) | 854M 3590 # compression_time: 75s | 265s | 719s 3591 # decompression_time: 15s | 25s | 25s 3592 3593 if not self.src: 3594 brotli_cmd = ['brotli', '--quality=6', 3595 '--output={}.new.dat.br'.format(self.path), 3596 '{}.new.dat'.format(self.path)] 3597 print("Compressing {}.new.dat with brotli".format(self.partition)) 3598 RunAndCheckOutput(brotli_cmd) 3599 3600 new_data_name = '{}.new.dat.br'.format(self.partition) 3601 ZipWrite(output_zip, 3602 '{}.new.dat.br'.format(self.path), 3603 new_data_name, 3604 compress_type=zipfile.ZIP_STORED) 3605 else: 3606 new_data_name = '{}.new.dat'.format(self.partition) 3607 ZipWrite(output_zip, '{}.new.dat'.format(self.path), new_data_name) 3608 3609 ZipWrite(output_zip, 3610 '{}.patch.dat'.format(self.path), 3611 '{}.patch.dat'.format(self.partition), 3612 compress_type=zipfile.ZIP_STORED) 3613 3614 if self.partition == "system": 3615 code = ErrorCode.SYSTEM_UPDATE_FAILURE 3616 else: 3617 code = ErrorCode.VENDOR_UPDATE_FAILURE 3618 3619 call = ('block_image_update({device}, ' 3620 'package_extract_file("{partition}.transfer.list"), ' 3621 '"{new_data_name}", "{partition}.patch.dat") ||\n' 3622 ' abort("E{code}: Failed to update {partition} image.");'.format( 3623 device=self.device, partition=self.partition, 3624 new_data_name=new_data_name, code=code)) 3625 script.AppendExtra(script.WordWrap(call)) 3626 3627 def _HashBlocks(self, source, ranges): # pylint: disable=no-self-use 3628 data = source.ReadRangeSet(ranges) 3629 ctx = sha1() 3630 3631 for p in data: 3632 ctx.update(p) 3633 3634 return ctx.hexdigest() 3635 3636 def _HashZeroBlocks(self, num_blocks): # pylint: disable=no-self-use 3637 """Return the hash value for all zero blocks.""" 3638 zero_block = '\x00' * 4096 3639 ctx = sha1() 3640 for _ in range(num_blocks): 3641 ctx.update(zero_block) 3642 3643 return ctx.hexdigest() 3644 3645 3646# Expose these two classes to support vendor-specific scripts 3647DataImage = images.DataImage 3648EmptyImage = images.EmptyImage 3649 3650 3651# map recovery.fstab's fs_types to mount/format "partition types" 3652PARTITION_TYPES = { 3653 "ext4": "EMMC", 3654 "emmc": "EMMC", 3655 "f2fs": "EMMC", 3656 "squashfs": "EMMC", 3657 "erofs": "EMMC" 3658} 3659 3660 3661def GetTypeAndDevice(mount_point, info, check_no_slot=True): 3662 """ 3663 Use GetTypeAndDeviceExpr whenever possible. This function is kept for 3664 backwards compatibility. It aborts if the fstab entry has slotselect option 3665 (unless check_no_slot is explicitly set to False). 3666 """ 3667 fstab = info["fstab"] 3668 if fstab: 3669 if check_no_slot: 3670 assert not fstab[mount_point].slotselect, \ 3671 "Use GetTypeAndDeviceExpr instead" 3672 return (PARTITION_TYPES[fstab[mount_point].fs_type], 3673 fstab[mount_point].device) 3674 raise KeyError 3675 3676 3677def GetTypeAndDeviceExpr(mount_point, info): 3678 """ 3679 Return the filesystem of the partition, and an edify expression that evaluates 3680 to the device at runtime. 3681 """ 3682 fstab = info["fstab"] 3683 if fstab: 3684 p = fstab[mount_point] 3685 device_expr = '"%s"' % fstab[mount_point].device 3686 if p.slotselect: 3687 device_expr = 'add_slot_suffix(%s)' % device_expr 3688 return (PARTITION_TYPES[fstab[mount_point].fs_type], device_expr) 3689 raise KeyError 3690 3691 3692def GetEntryForDevice(fstab, device): 3693 """ 3694 Returns: 3695 The first entry in fstab whose device is the given value. 3696 """ 3697 if not fstab: 3698 return None 3699 for mount_point in fstab: 3700 if fstab[mount_point].device == device: 3701 return fstab[mount_point] 3702 return None 3703 3704 3705def ParseCertificate(data): 3706 """Parses and converts a PEM-encoded certificate into DER-encoded. 3707 3708 This gives the same result as `openssl x509 -in <filename> -outform DER`. 3709 3710 Returns: 3711 The decoded certificate bytes. 3712 """ 3713 cert_buffer = [] 3714 save = False 3715 for line in data.split("\n"): 3716 if "--END CERTIFICATE--" in line: 3717 break 3718 if save: 3719 cert_buffer.append(line) 3720 if "--BEGIN CERTIFICATE--" in line: 3721 save = True 3722 cert = base64.b64decode("".join(cert_buffer)) 3723 return cert 3724 3725 3726def ExtractPublicKey(cert): 3727 """Extracts the public key (PEM-encoded) from the given certificate file. 3728 3729 Args: 3730 cert: The certificate filename. 3731 3732 Returns: 3733 The public key string. 3734 3735 Raises: 3736 AssertionError: On non-zero return from 'openssl'. 3737 """ 3738 # The behavior with '-out' is different between openssl 1.1 and openssl 1.0. 3739 # While openssl 1.1 writes the key into the given filename followed by '-out', 3740 # openssl 1.0 (both of 1.0.1 and 1.0.2) doesn't. So we collect the output from 3741 # stdout instead. 3742 cmd = ['openssl', 'x509', '-pubkey', '-noout', '-in', cert] 3743 proc = Run(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE) 3744 pubkey, stderrdata = proc.communicate() 3745 assert proc.returncode == 0, \ 3746 'Failed to dump public key from certificate: %s\n%s' % (cert, stderrdata) 3747 return pubkey 3748 3749 3750def ExtractAvbPublicKey(avbtool, key): 3751 """Extracts the AVB public key from the given public or private key. 3752 3753 Args: 3754 avbtool: The AVB tool to use. 3755 key: The input key file, which should be PEM-encoded public or private key. 3756 3757 Returns: 3758 The path to the extracted AVB public key file. 3759 """ 3760 output = MakeTempFile(prefix='avb-', suffix='.avbpubkey') 3761 RunAndCheckOutput( 3762 [avbtool, 'extract_public_key', "--key", key, "--output", output]) 3763 return output 3764 3765 3766def MakeRecoveryPatch(input_dir, output_sink, recovery_img, boot_img, 3767 info_dict=None): 3768 """Generates the recovery-from-boot patch and writes the script to output. 3769 3770 Most of the space in the boot and recovery images is just the kernel, which is 3771 identical for the two, so the resulting patch should be efficient. Add it to 3772 the output zip, along with a shell script that is run from init.rc on first 3773 boot to actually do the patching and install the new recovery image. 3774 3775 Args: 3776 input_dir: The top-level input directory of the target-files.zip. 3777 output_sink: The callback function that writes the result. 3778 recovery_img: File object for the recovery image. 3779 boot_img: File objects for the boot image. 3780 info_dict: A dict returned by common.LoadInfoDict() on the input 3781 target_files. Will use OPTIONS.info_dict if None has been given. 3782 """ 3783 if info_dict is None: 3784 info_dict = OPTIONS.info_dict 3785 3786 full_recovery_image = info_dict.get("full_recovery_image") == "true" 3787 board_uses_vendorimage = info_dict.get("board_uses_vendorimage") == "true" 3788 3789 if board_uses_vendorimage: 3790 # In this case, the output sink is rooted at VENDOR 3791 recovery_img_path = "etc/recovery.img" 3792 recovery_resource_dat_path = "VENDOR/etc/recovery-resource.dat" 3793 sh_dir = "bin" 3794 else: 3795 # In this case the output sink is rooted at SYSTEM 3796 recovery_img_path = "vendor/etc/recovery.img" 3797 recovery_resource_dat_path = "SYSTEM/vendor/etc/recovery-resource.dat" 3798 sh_dir = "vendor/bin" 3799 3800 if full_recovery_image: 3801 output_sink(recovery_img_path, recovery_img.data) 3802 3803 else: 3804 include_recovery_dtbo = info_dict.get("include_recovery_dtbo") == "true" 3805 include_recovery_acpio = info_dict.get("include_recovery_acpio") == "true" 3806 path = os.path.join(input_dir, recovery_resource_dat_path) 3807 # Use bsdiff to handle mismatching entries (Bug: 72731506) 3808 if include_recovery_dtbo or include_recovery_acpio: 3809 diff_program = ["bsdiff"] 3810 bonus_args = "" 3811 assert not os.path.exists(path) 3812 else: 3813 diff_program = ["imgdiff"] 3814 if os.path.exists(path): 3815 diff_program.append("-b") 3816 diff_program.append(path) 3817 bonus_args = "--bonus /vendor/etc/recovery-resource.dat" 3818 else: 3819 bonus_args = "" 3820 3821 d = Difference(recovery_img, boot_img, diff_program=diff_program) 3822 _, _, patch = d.ComputePatch() 3823 output_sink("recovery-from-boot.p", patch) 3824 3825 try: 3826 # The following GetTypeAndDevice()s need to use the path in the target 3827 # info_dict instead of source_info_dict. 3828 boot_type, boot_device = GetTypeAndDevice("/boot", info_dict, 3829 check_no_slot=False) 3830 recovery_type, recovery_device = GetTypeAndDevice("/recovery", info_dict, 3831 check_no_slot=False) 3832 except KeyError: 3833 return 3834 3835 if full_recovery_image: 3836 3837 # Note that we use /vendor to refer to the recovery resources. This will 3838 # work for a separate vendor partition mounted at /vendor or a 3839 # /system/vendor subdirectory on the system partition, for which init will 3840 # create a symlink from /vendor to /system/vendor. 3841 3842 sh = """#!/vendor/bin/sh 3843if ! applypatch --check %(type)s:%(device)s:%(size)d:%(sha1)s; then 3844 applypatch \\ 3845 --flash /vendor/etc/recovery.img \\ 3846 --target %(type)s:%(device)s:%(size)d:%(sha1)s && \\ 3847 log -t recovery "Installing new recovery image: succeeded" || \\ 3848 log -t recovery "Installing new recovery image: failed" 3849else 3850 log -t recovery "Recovery image already installed" 3851fi 3852""" % {'type': recovery_type, 3853 'device': recovery_device, 3854 'sha1': recovery_img.sha1, 3855 'size': recovery_img.size} 3856 else: 3857 sh = """#!/vendor/bin/sh 3858if ! applypatch --check %(recovery_type)s:%(recovery_device)s:%(recovery_size)d:%(recovery_sha1)s; then 3859 applypatch %(bonus_args)s \\ 3860 --patch /vendor/recovery-from-boot.p \\ 3861 --source %(boot_type)s:%(boot_device)s:%(boot_size)d:%(boot_sha1)s \\ 3862 --target %(recovery_type)s:%(recovery_device)s:%(recovery_size)d:%(recovery_sha1)s && \\ 3863 log -t recovery "Installing new recovery image: succeeded" || \\ 3864 log -t recovery "Installing new recovery image: failed" 3865else 3866 log -t recovery "Recovery image already installed" 3867fi 3868""" % {'boot_size': boot_img.size, 3869 'boot_sha1': boot_img.sha1, 3870 'recovery_size': recovery_img.size, 3871 'recovery_sha1': recovery_img.sha1, 3872 'boot_type': boot_type, 3873 'boot_device': boot_device + '$(getprop ro.boot.slot_suffix)', 3874 'recovery_type': recovery_type, 3875 'recovery_device': recovery_device + '$(getprop ro.boot.slot_suffix)', 3876 'bonus_args': bonus_args} 3877 3878 # The install script location moved from /system/etc to /system/bin in the L 3879 # release. In the R release it is in VENDOR/bin or SYSTEM/vendor/bin. 3880 sh_location = os.path.join(sh_dir, "install-recovery.sh") 3881 3882 logger.info("putting script in %s", sh_location) 3883 3884 output_sink(sh_location, sh.encode()) 3885 3886 3887class DynamicPartitionUpdate(object): 3888 def __init__(self, src_group=None, tgt_group=None, progress=None, 3889 block_difference=None): 3890 self.src_group = src_group 3891 self.tgt_group = tgt_group 3892 self.progress = progress 3893 self.block_difference = block_difference 3894 3895 @property 3896 def src_size(self): 3897 if not self.block_difference: 3898 return 0 3899 return DynamicPartitionUpdate._GetSparseImageSize(self.block_difference.src) 3900 3901 @property 3902 def tgt_size(self): 3903 if not self.block_difference: 3904 return 0 3905 return DynamicPartitionUpdate._GetSparseImageSize(self.block_difference.tgt) 3906 3907 @staticmethod 3908 def _GetSparseImageSize(img): 3909 if not img: 3910 return 0 3911 return img.blocksize * img.total_blocks 3912 3913 3914class DynamicGroupUpdate(object): 3915 def __init__(self, src_size=None, tgt_size=None): 3916 # None: group does not exist. 0: no size limits. 3917 self.src_size = src_size 3918 self.tgt_size = tgt_size 3919 3920 3921class DynamicPartitionsDifference(object): 3922 def __init__(self, info_dict, block_diffs, progress_dict=None, 3923 source_info_dict=None): 3924 if progress_dict is None: 3925 progress_dict = {} 3926 3927 self._remove_all_before_apply = False 3928 if source_info_dict is None: 3929 self._remove_all_before_apply = True 3930 source_info_dict = {} 3931 3932 block_diff_dict = collections.OrderedDict( 3933 [(e.partition, e) for e in block_diffs]) 3934 3935 assert len(block_diff_dict) == len(block_diffs), \ 3936 "Duplicated BlockDifference object for {}".format( 3937 [partition for partition, count in 3938 collections.Counter(e.partition for e in block_diffs).items() 3939 if count > 1]) 3940 3941 self._partition_updates = collections.OrderedDict() 3942 3943 for p, block_diff in block_diff_dict.items(): 3944 self._partition_updates[p] = DynamicPartitionUpdate() 3945 self._partition_updates[p].block_difference = block_diff 3946 3947 for p, progress in progress_dict.items(): 3948 if p in self._partition_updates: 3949 self._partition_updates[p].progress = progress 3950 3951 tgt_groups = shlex.split(info_dict.get( 3952 "super_partition_groups", "").strip()) 3953 src_groups = shlex.split(source_info_dict.get( 3954 "super_partition_groups", "").strip()) 3955 3956 for g in tgt_groups: 3957 for p in shlex.split(info_dict.get( 3958 "super_%s_partition_list" % g, "").strip()): 3959 assert p in self._partition_updates, \ 3960 "{} is in target super_{}_partition_list but no BlockDifference " \ 3961 "object is provided.".format(p, g) 3962 self._partition_updates[p].tgt_group = g 3963 3964 for g in src_groups: 3965 for p in shlex.split(source_info_dict.get( 3966 "super_%s_partition_list" % g, "").strip()): 3967 assert p in self._partition_updates, \ 3968 "{} is in source super_{}_partition_list but no BlockDifference " \ 3969 "object is provided.".format(p, g) 3970 self._partition_updates[p].src_group = g 3971 3972 target_dynamic_partitions = set(shlex.split(info_dict.get( 3973 "dynamic_partition_list", "").strip())) 3974 block_diffs_with_target = set(p for p, u in self._partition_updates.items() 3975 if u.tgt_size) 3976 assert block_diffs_with_target == target_dynamic_partitions, \ 3977 "Target Dynamic partitions: {}, BlockDifference with target: {}".format( 3978 list(target_dynamic_partitions), list(block_diffs_with_target)) 3979 3980 source_dynamic_partitions = set(shlex.split(source_info_dict.get( 3981 "dynamic_partition_list", "").strip())) 3982 block_diffs_with_source = set(p for p, u in self._partition_updates.items() 3983 if u.src_size) 3984 assert block_diffs_with_source == source_dynamic_partitions, \ 3985 "Source Dynamic partitions: {}, BlockDifference with source: {}".format( 3986 list(source_dynamic_partitions), list(block_diffs_with_source)) 3987 3988 if self._partition_updates: 3989 logger.info("Updating dynamic partitions %s", 3990 self._partition_updates.keys()) 3991 3992 self._group_updates = collections.OrderedDict() 3993 3994 for g in tgt_groups: 3995 self._group_updates[g] = DynamicGroupUpdate() 3996 self._group_updates[g].tgt_size = int(info_dict.get( 3997 "super_%s_group_size" % g, "0").strip()) 3998 3999 for g in src_groups: 4000 if g not in self._group_updates: 4001 self._group_updates[g] = DynamicGroupUpdate() 4002 self._group_updates[g].src_size = int(source_info_dict.get( 4003 "super_%s_group_size" % g, "0").strip()) 4004 4005 self._Compute() 4006 4007 def WriteScript(self, script, output_zip, write_verify_script=False): 4008 script.Comment('--- Start patching dynamic partitions ---') 4009 for p, u in self._partition_updates.items(): 4010 if u.src_size and u.tgt_size and u.src_size > u.tgt_size: 4011 script.Comment('Patch partition %s' % p) 4012 u.block_difference.WriteScript(script, output_zip, progress=u.progress, 4013 write_verify_script=False) 4014 4015 op_list_path = MakeTempFile() 4016 with open(op_list_path, 'w') as f: 4017 for line in self._op_list: 4018 f.write('{}\n'.format(line)) 4019 4020 ZipWrite(output_zip, op_list_path, "dynamic_partitions_op_list") 4021 4022 script.Comment('Update dynamic partition metadata') 4023 script.AppendExtra('assert(update_dynamic_partitions(' 4024 'package_extract_file("dynamic_partitions_op_list")));') 4025 4026 if write_verify_script: 4027 for p, u in self._partition_updates.items(): 4028 if u.src_size and u.tgt_size and u.src_size > u.tgt_size: 4029 u.block_difference.WritePostInstallVerifyScript(script) 4030 script.AppendExtra('unmap_partition("%s");' % p) # ignore errors 4031 4032 for p, u in self._partition_updates.items(): 4033 if u.tgt_size and u.src_size <= u.tgt_size: 4034 script.Comment('Patch partition %s' % p) 4035 u.block_difference.WriteScript(script, output_zip, progress=u.progress, 4036 write_verify_script=write_verify_script) 4037 if write_verify_script: 4038 script.AppendExtra('unmap_partition("%s");' % p) # ignore errors 4039 4040 script.Comment('--- End patching dynamic partitions ---') 4041 4042 def _Compute(self): 4043 self._op_list = list() 4044 4045 def append(line): 4046 self._op_list.append(line) 4047 4048 def comment(line): 4049 self._op_list.append("# %s" % line) 4050 4051 if self._remove_all_before_apply: 4052 comment('Remove all existing dynamic partitions and groups before ' 4053 'applying full OTA') 4054 append('remove_all_groups') 4055 4056 for p, u in self._partition_updates.items(): 4057 if u.src_group and not u.tgt_group: 4058 append('remove %s' % p) 4059 4060 for p, u in self._partition_updates.items(): 4061 if u.src_group and u.tgt_group and u.src_group != u.tgt_group: 4062 comment('Move partition %s from %s to default' % (p, u.src_group)) 4063 append('move %s default' % p) 4064 4065 for p, u in self._partition_updates.items(): 4066 if u.src_size and u.tgt_size and u.src_size > u.tgt_size: 4067 comment('Shrink partition %s from %d to %d' % 4068 (p, u.src_size, u.tgt_size)) 4069 append('resize %s %s' % (p, u.tgt_size)) 4070 4071 for g, u in self._group_updates.items(): 4072 if u.src_size is not None and u.tgt_size is None: 4073 append('remove_group %s' % g) 4074 if (u.src_size is not None and u.tgt_size is not None and 4075 u.src_size > u.tgt_size): 4076 comment('Shrink group %s from %d to %d' % (g, u.src_size, u.tgt_size)) 4077 append('resize_group %s %d' % (g, u.tgt_size)) 4078 4079 for g, u in self._group_updates.items(): 4080 if u.src_size is None and u.tgt_size is not None: 4081 comment('Add group %s with maximum size %d' % (g, u.tgt_size)) 4082 append('add_group %s %d' % (g, u.tgt_size)) 4083 if (u.src_size is not None and u.tgt_size is not None and 4084 u.src_size < u.tgt_size): 4085 comment('Grow group %s from %d to %d' % (g, u.src_size, u.tgt_size)) 4086 append('resize_group %s %d' % (g, u.tgt_size)) 4087 4088 for p, u in self._partition_updates.items(): 4089 if u.tgt_group and not u.src_group: 4090 comment('Add partition %s to group %s' % (p, u.tgt_group)) 4091 append('add %s %s' % (p, u.tgt_group)) 4092 4093 for p, u in self._partition_updates.items(): 4094 if u.tgt_size and u.src_size < u.tgt_size: 4095 comment('Grow partition %s from %d to %d' % 4096 (p, u.src_size, u.tgt_size)) 4097 append('resize %s %d' % (p, u.tgt_size)) 4098 4099 for p, u in self._partition_updates.items(): 4100 if u.src_group and u.tgt_group and u.src_group != u.tgt_group: 4101 comment('Move partition %s from default to %s' % 4102 (p, u.tgt_group)) 4103 append('move %s %s' % (p, u.tgt_group)) 4104 4105 4106def GetBootImageBuildProp(boot_img, ramdisk_format=RamdiskFormat.LZ4): 4107 """ 4108 Get build.prop from ramdisk within the boot image 4109 4110 Args: 4111 boot_img: the boot image file. Ramdisk must be compressed with lz4 or gzip format. 4112 4113 Return: 4114 An extracted file that stores properties in the boot image. 4115 """ 4116 tmp_dir = MakeTempDir('boot_', suffix='.img') 4117 try: 4118 RunAndCheckOutput(['unpack_bootimg', '--boot_img', 4119 boot_img, '--out', tmp_dir]) 4120 ramdisk = os.path.join(tmp_dir, 'ramdisk') 4121 if not os.path.isfile(ramdisk): 4122 logger.warning('Unable to get boot image timestamp: no ramdisk in boot') 4123 return None 4124 uncompressed_ramdisk = os.path.join(tmp_dir, 'uncompressed_ramdisk') 4125 if ramdisk_format == RamdiskFormat.LZ4: 4126 RunAndCheckOutput(['lz4', '-d', ramdisk, uncompressed_ramdisk]) 4127 elif ramdisk_format == RamdiskFormat.GZ: 4128 with open(ramdisk, 'rb') as input_stream: 4129 with open(uncompressed_ramdisk, 'wb') as output_stream: 4130 p2 = Run(['gzip', '-d'], stdin=input_stream.fileno(), 4131 stdout=output_stream.fileno()) 4132 p2.wait() 4133 else: 4134 logger.error('Only support lz4 or gzip ramdisk format.') 4135 return None 4136 4137 abs_uncompressed_ramdisk = os.path.abspath(uncompressed_ramdisk) 4138 extracted_ramdisk = MakeTempDir('extracted_ramdisk') 4139 # Use "toybox cpio" instead of "cpio" because the latter invokes cpio from 4140 # the host environment. 4141 RunAndCheckOutput(['toybox', 'cpio', '-F', abs_uncompressed_ramdisk, '-i'], 4142 cwd=extracted_ramdisk) 4143 4144 for search_path in RAMDISK_BUILD_PROP_REL_PATHS: 4145 prop_file = os.path.join(extracted_ramdisk, search_path) 4146 if os.path.isfile(prop_file): 4147 return prop_file 4148 logger.warning( 4149 'Unable to get boot image timestamp: no %s in ramdisk', search_path) 4150 4151 return None 4152 4153 except ExternalError as e: 4154 logger.warning('Unable to get boot image build props: %s', e) 4155 return None 4156 4157 4158def GetBootImageTimestamp(boot_img): 4159 """ 4160 Get timestamp from ramdisk within the boot image 4161 4162 Args: 4163 boot_img: the boot image file. Ramdisk must be compressed with lz4 format. 4164 4165 Return: 4166 An integer that corresponds to the timestamp of the boot image, or None 4167 if file has unknown format. Raise exception if an unexpected error has 4168 occurred. 4169 """ 4170 prop_file = GetBootImageBuildProp(boot_img) 4171 if not prop_file: 4172 return None 4173 4174 props = PartitionBuildProps.FromBuildPropFile('boot', prop_file) 4175 if props is None: 4176 return None 4177 4178 try: 4179 timestamp = props.GetProp('ro.bootimage.build.date.utc') 4180 if timestamp: 4181 return int(timestamp) 4182 logger.warning( 4183 'Unable to get boot image timestamp: ro.bootimage.build.date.utc is undefined') 4184 return None 4185 4186 except ExternalError as e: 4187 logger.warning('Unable to get boot image timestamp: %s', e) 4188 return None 4189 4190 4191def IsSparseImage(filepath): 4192 if not os.path.exists(filepath): 4193 return False 4194 with open(filepath, 'rb') as fp: 4195 # Magic for android sparse image format 4196 # https://source.android.com/devices/bootloader/images 4197 return fp.read(4) == b'\x3A\xFF\x26\xED' 4198 4199 4200def UnsparseImage(filepath, target_path=None): 4201 if not IsSparseImage(filepath): 4202 return 4203 if target_path is None: 4204 tmp_img = MakeTempFile(suffix=".img") 4205 RunAndCheckOutput(["simg2img", filepath, tmp_img]) 4206 os.rename(tmp_img, filepath) 4207 else: 4208 RunAndCheckOutput(["simg2img", filepath, target_path]) 4209 4210 4211def ParseUpdateEngineConfig(path: str): 4212 """Parse the update_engine config stored in file `path` 4213 Args 4214 path: Path to update_engine_config.txt file in target_files 4215 4216 Returns 4217 A tuple of (major, minor) version number . E.g. (2, 8) 4218 """ 4219 with open(path, "r") as fp: 4220 # update_engine_config.txt is only supposed to contain two lines, 4221 # PAYLOAD_MAJOR_VERSION and PAYLOAD_MINOR_VERSION. 1024 should be more than 4222 # sufficient. If the length is more than that, something is wrong. 4223 data = fp.read(1024) 4224 major = re.search(r"PAYLOAD_MAJOR_VERSION=(\d+)", data) 4225 if not major: 4226 raise ValueError( 4227 f"{path} is an invalid update_engine config, missing PAYLOAD_MAJOR_VERSION {data}") 4228 minor = re.search(r"PAYLOAD_MINOR_VERSION=(\d+)", data) 4229 if not minor: 4230 raise ValueError( 4231 f"{path} is an invalid update_engine config, missing PAYLOAD_MINOR_VERSION {data}") 4232 return (int(major.group(1)), int(minor.group(1))) 4233