1 /*
2 * Copyright (C) 2019 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "partition_installer.h"
18
19 #include <sys/statvfs.h>
20
21 #include <android-base/file.h>
22 #include <android-base/logging.h>
23 #include <android-base/properties.h>
24 #include <android-base/unique_fd.h>
25 #include <ext4_utils/ext4_utils.h>
26 #include <fs_mgr.h>
27 #include <fs_mgr_dm_linear.h>
28 #include <libdm/dm.h>
29 #include <libgsi/libgsi.h>
30 #include <liblp/partition_opener.h>
31
32 #include "file_paths.h"
33 #include "gsi_service.h"
34 #include "libgsi_private.h"
35
36 namespace android {
37 namespace gsi {
38
39 using namespace std::literals;
40 using namespace android::dm;
41 using namespace android::fiemap;
42 using namespace android::fs_mgr;
43 using android::base::unique_fd;
44
PartitionInstaller(GsiService * service,const std::string & install_dir,const std::string & name,const std::string & active_dsu,int64_t size,bool read_only)45 PartitionInstaller::PartitionInstaller(GsiService* service, const std::string& install_dir,
46 const std::string& name, const std::string& active_dsu,
47 int64_t size, bool read_only)
48 : service_(service),
49 install_dir_(install_dir),
50 name_(name),
51 active_dsu_(active_dsu),
52 size_(size),
53 readOnly_(read_only) {
54 images_ = ImageManager::Open(MetadataDir(active_dsu), install_dir_);
55 }
56
~PartitionInstaller()57 PartitionInstaller::~PartitionInstaller() {
58 if (FinishInstall() != IGsiService::INSTALL_OK) {
59 LOG(ERROR) << "Installation failed: install_dir=" << install_dir_
60 << ", dsu_slot=" << active_dsu_ << ", partition_name=" << name_;
61 }
62 if (IsAshmemMapped()) {
63 UnmapAshmem();
64 }
65 }
66
FinishInstall()67 int PartitionInstaller::FinishInstall() {
68 if (finished_) {
69 return finished_status_;
70 }
71 finished_ = true;
72 finished_status_ = CheckInstallState();
73 system_device_ = nullptr;
74 if (finished_status_ != IGsiService::INSTALL_OK) {
75 auto file = GetBackingFile(name_);
76 LOG(ERROR) << "Installation failed, clean up: " << file;
77 if (images_->IsImageMapped(file)) {
78 LOG(ERROR) << "unmap " << file;
79 images_->UnmapImageDevice(file);
80 }
81 images_->DeleteBackingImage(file);
82 }
83 return finished_status_;
84 }
85
StartInstall()86 int PartitionInstaller::StartInstall() {
87 if (int status = PerformSanityChecks()) {
88 return status;
89 }
90 if (int status = Preallocate()) {
91 return status;
92 }
93 if (!readOnly_) {
94 if (!Format()) {
95 return IGsiService::INSTALL_ERROR_GENERIC;
96 }
97 } else {
98 // Map ${name}_gsi so we can write to it.
99 system_device_ = OpenPartition(GetBackingFile(name_));
100 if (!system_device_) {
101 return IGsiService::INSTALL_ERROR_GENERIC;
102 }
103
104 // Clear the progress indicator.
105 service_->UpdateProgress(IGsiService::STATUS_NO_OPERATION, 0);
106 }
107 return IGsiService::INSTALL_OK;
108 }
109
PerformSanityChecks()110 int PartitionInstaller::PerformSanityChecks() {
111 if (!images_) {
112 LOG(ERROR) << "unable to create image manager";
113 return IGsiService::INSTALL_ERROR_GENERIC;
114 }
115 if (size_ < 0) {
116 LOG(ERROR) << "image size " << size_ << " is negative";
117 return IGsiService::INSTALL_ERROR_GENERIC;
118 }
119 if (android::gsi::IsGsiRunning()) {
120 LOG(ERROR) << "cannot install gsi inside a live gsi";
121 return IGsiService::INSTALL_ERROR_GENERIC;
122 }
123
124 struct statvfs sb;
125 if (statvfs(install_dir_.c_str(), &sb)) {
126 PLOG(ERROR) << "failed to read file system stats";
127 return IGsiService::INSTALL_ERROR_GENERIC;
128 }
129
130 // This is the same as android::vold::GetFreebytes() but we also
131 // need the total file system size so we open code it here.
132 uint64_t free_space = static_cast<uint64_t>(sb.f_bavail) * sb.f_frsize;
133 if (free_space <= (size_)) {
134 LOG(ERROR) << "not enough free space (only " << free_space << " bytes available)";
135 return IGsiService::INSTALL_ERROR_NO_SPACE;
136 }
137
138 const auto free_space_threshold = GetMinimumFreeSpaceThreshold(install_dir_);
139 if (!free_space_threshold.has_value()) {
140 return IGsiService::INSTALL_ERROR_GENERIC;
141 }
142 if (free_space < size_ + *free_space_threshold) {
143 LOG(ERROR) << "post-installation free space (" << free_space << " - " << size_
144 << ") would be below the minimum threshold of " << *free_space_threshold;
145 return IGsiService::INSTALL_ERROR_FILE_SYSTEM_CLUTTERED;
146 }
147 return IGsiService::INSTALL_OK;
148 }
149
Preallocate()150 int PartitionInstaller::Preallocate() {
151 std::string file = GetBackingFile(name_);
152 if (!images_->UnmapImageIfExists(file)) {
153 LOG(ERROR) << "failed to UnmapImageIfExists " << file;
154 return IGsiService::INSTALL_ERROR_GENERIC;
155 }
156 // always delete the old one when it presents in case there might a partition
157 // with same name but different size.
158 if (images_->BackingImageExists(file)) {
159 if (!images_->DeleteBackingImage(file)) {
160 LOG(ERROR) << "failed to DeleteBackingImage " << file;
161 return IGsiService::INSTALL_ERROR_GENERIC;
162 }
163 }
164 service_->StartAsyncOperation("create " + name_, size_);
165 if (!CreateImage(file, size_)) {
166 LOG(ERROR) << "Could not create userdata image";
167 return IGsiService::INSTALL_ERROR_GENERIC;
168 }
169 service_->UpdateProgress(IGsiService::STATUS_COMPLETE, 0);
170 return IGsiService::INSTALL_OK;
171 }
172
CreateImage(const std::string & name,uint64_t size)173 bool PartitionInstaller::CreateImage(const std::string& name, uint64_t size) {
174 auto progress = [this](uint64_t bytes, uint64_t /* total */) -> bool {
175 service_->UpdateProgress(IGsiService::STATUS_WORKING, bytes);
176 if (service_->should_abort()) return false;
177 return true;
178 };
179 int flags = ImageManager::CREATE_IMAGE_DEFAULT;
180 if (readOnly_) {
181 flags |= ImageManager::CREATE_IMAGE_READONLY;
182 }
183 return images_->CreateBackingImage(name, size, flags, std::move(progress));
184 }
185
OpenPartition(const std::string & name)186 std::unique_ptr<MappedDevice> PartitionInstaller::OpenPartition(const std::string& name) {
187 return MappedDevice::Open(images_.get(), 10s, name);
188 }
189
CommitGsiChunk(int stream_fd,int64_t bytes)190 bool PartitionInstaller::CommitGsiChunk(int stream_fd, int64_t bytes) {
191 service_->StartAsyncOperation("write " + name_, size_);
192
193 if (bytes < 0) {
194 LOG(ERROR) << "chunk size " << bytes << " is negative";
195 return false;
196 }
197
198 static const size_t kBlockSize = 4096;
199 auto buffer = std::make_unique<char[]>(kBlockSize);
200
201 int progress = -1;
202 uint64_t remaining = bytes;
203 while (remaining) {
204 size_t max_to_read = std::min(static_cast<uint64_t>(kBlockSize), remaining);
205 ssize_t rv = TEMP_FAILURE_RETRY(read(stream_fd, buffer.get(), max_to_read));
206 if (rv < 0) {
207 PLOG(ERROR) << "read gsi chunk";
208 return false;
209 }
210 if (rv == 0) {
211 LOG(ERROR) << "no bytes left in stream";
212 return false;
213 }
214 if (!CommitGsiChunk(buffer.get(), rv)) {
215 return false;
216 }
217 CHECK(static_cast<uint64_t>(rv) <= remaining);
218 remaining -= rv;
219
220 // Only update the progress when the % (or permille, in this case)
221 // significantly changes.
222 int new_progress = ((size_ - remaining) * 1000) / size_;
223 if (new_progress != progress) {
224 service_->UpdateProgress(IGsiService::STATUS_WORKING, size_ - remaining);
225 }
226 }
227
228 service_->UpdateProgress(IGsiService::STATUS_COMPLETE, size_);
229 return true;
230 }
231
IsFinishedWriting()232 bool PartitionInstaller::IsFinishedWriting() {
233 return gsi_bytes_written_ == size_;
234 }
235
IsAshmemMapped()236 bool PartitionInstaller::IsAshmemMapped() {
237 return ashmem_data_ != MAP_FAILED;
238 }
239
CommitGsiChunk(const void * data,size_t bytes)240 bool PartitionInstaller::CommitGsiChunk(const void* data, size_t bytes) {
241 if (static_cast<uint64_t>(bytes) > size_ - gsi_bytes_written_) {
242 // We cannot write past the end of the image file.
243 LOG(ERROR) << "chunk size " << bytes << " exceeds remaining image size (" << size_
244 << " expected, " << gsi_bytes_written_ << " written)";
245 return false;
246 }
247 if (service_->should_abort()) {
248 return false;
249 }
250 if (!android::base::WriteFully(system_device_->fd(), data, bytes)) {
251 PLOG(ERROR) << "write failed";
252 return false;
253 }
254 gsi_bytes_written_ += bytes;
255 return true;
256 }
257
GetPartitionFd()258 int PartitionInstaller::GetPartitionFd() {
259 if (!system_device_) {
260 return -1;
261 }
262 return system_device_->fd();
263 }
264
MapAshmem(int fd,size_t size)265 bool PartitionInstaller::MapAshmem(int fd, size_t size) {
266 ashmem_size_ = size;
267 ashmem_data_ = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
268 return ashmem_data_ != MAP_FAILED;
269 }
270
UnmapAshmem()271 void PartitionInstaller::UnmapAshmem() {
272 if (munmap(ashmem_data_, ashmem_size_) != 0) {
273 PLOG(ERROR) << "cannot munmap";
274 return;
275 }
276 ashmem_data_ = MAP_FAILED;
277 ashmem_size_ = -1;
278 }
279
CommitGsiChunk(size_t bytes)280 bool PartitionInstaller::CommitGsiChunk(size_t bytes) {
281 if (!IsAshmemMapped()) {
282 PLOG(ERROR) << "ashmem is not mapped";
283 return false;
284 }
285 bool success = CommitGsiChunk(ashmem_data_, bytes);
286 if (success && IsFinishedWriting()) {
287 UnmapAshmem();
288 }
289 return success;
290 }
291
GetBackingFile(std::string name)292 const std::string PartitionInstaller::GetBackingFile(std::string name) {
293 return name + "_gsi";
294 }
295
Format()296 bool PartitionInstaller::Format() {
297 auto file = GetBackingFile(name_);
298 auto device = OpenPartition(file);
299 if (!device) {
300 return false;
301 }
302
303 // libcutils checks the first 4K, no matter the block size.
304 std::string zeroes(4096, 0);
305 if (!android::base::WriteFully(device->fd(), zeroes.data(), zeroes.size())) {
306 PLOG(ERROR) << "write " << file;
307 return false;
308 }
309 return true;
310 }
311
CheckInstallState()312 int PartitionInstaller::CheckInstallState() {
313 if (readOnly_ && !IsFinishedWriting()) {
314 // We cannot boot if the image is incomplete.
315 LOG(ERROR) << "image incomplete; expected " << size_ << " bytes, waiting for "
316 << (size_ - gsi_bytes_written_) << " bytes";
317 return IGsiService::INSTALL_ERROR_GENERIC;
318 }
319 if (system_device_ != nullptr && fsync(GetPartitionFd())) {
320 PLOG(ERROR) << "fsync failed for " << GetBackingFile(name_);
321 return IGsiService::INSTALL_ERROR_GENERIC;
322 }
323 // If files moved (are no longer pinned), the metadata file will be invalid.
324 // This check can be removed once b/133967059 is fixed.
325 if (!images_->Validate()) {
326 return IGsiService::INSTALL_ERROR_GENERIC;
327 }
328 return IGsiService::INSTALL_OK;
329 }
330
WipeWritable(const std::string & active_dsu,const std::string & install_dir,const std::string & name)331 int PartitionInstaller::WipeWritable(const std::string& active_dsu, const std::string& install_dir,
332 const std::string& name) {
333 auto image = ImageManager::Open(MetadataDir(active_dsu), install_dir);
334 // The device object has to be destroyed before the image object
335 auto device = MappedDevice::Open(image.get(), 10s, name);
336 if (!device) {
337 return IGsiService::INSTALL_ERROR_GENERIC;
338 }
339
340 // Wipe the first 1MiB of the device, ensuring both the first block and
341 // the superblock are destroyed.
342 static constexpr uint64_t kEraseSize = 1024 * 1024;
343
344 std::string zeroes(4096, 0);
345 uint64_t erase_size = std::min(kEraseSize, get_block_device_size(device->fd()));
346 for (uint64_t i = 0; i < erase_size; i += zeroes.size()) {
347 if (!android::base::WriteFully(device->fd(), zeroes.data(), zeroes.size())) {
348 PLOG(ERROR) << "write " << name;
349 return IGsiService::INSTALL_ERROR_GENERIC;
350 }
351 }
352 return IGsiService::INSTALL_OK;
353 }
354
GetMinimumFreeSpaceThreshold(const std::string & install_dir)355 std::optional<uint64_t> PartitionInstaller::GetMinimumFreeSpaceThreshold(
356 const std::string& install_dir) {
357 // No need to retain any space if we were not installing to the internal storage
358 // or device is not using VAB.
359 if (!android::base::StartsWith(install_dir, "/data"s)
360 || !android::base::GetBoolProperty("ro.virtual_ab.enabled", false)) {
361 return 0;
362 }
363 // Dynamic Partitions device must have a "super" block device.
364 BlockDeviceInfo info;
365 PartitionOpener opener;
366 if (!opener.GetInfo(fs_mgr_get_super_partition_name(), &info)) {
367 // We shouldn't reach here, but handle it just in case.
368 LOG(ERROR) << "could not get block device info of super";
369 return std::nullopt;
370 }
371 // Reserve |super partition| of storage space so we don't disable VAB.
372 return info.size;
373 }
374
375 } // namespace gsi
376 } // namespace android
377