1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
|
#!/bin/bash
#
# Copyright (C) 2015 The Android Open Source Project
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Script to generate a Brillo update for use by the update engine.
#
# usage: brillo_update_payload COMMAND [ARGS]
# The following commands are supported:
# generate generate an unsigned payload
# hash generate a payload or metadata hash
# sign generate a signed payload
# properties generate a properties file from a payload
# verify verify a payload by recreating a target image.
#
# Generate command arguments:
# --payload generated unsigned payload output file
# --source_image if defined, generate a delta payload from the specified
# image to the target_image
# --target_image the target image that should be sent to clients
# --metadata_size_file if defined, generate a file containing the size of the
# payload metadata in bytes to the specified file
#
# Hash command arguments:
# --unsigned_payload the input unsigned payload to generate the hash from
# --signature_size signature sizes in bytes in the following format:
# "size1:size2[:...]"
# --payload_hash_file if defined, generate a payload hash and output to the
# specified file
# --metadata_hash_file if defined, generate a metadata hash and output to the
# specified file
#
# Sign command arguments:
# --unsigned_payload the input unsigned payload to insert the signatures
# --payload the output signed payload
# --signature_size signature sizes in bytes in the following format:
# "size1:size2[:...]"
# --payload_signature_file the payload signature files in the following
# format:
# "payload_signature1:payload_signature2[:...]"
# --metadata_signature_file the metadata signature files in the following
# format:
# "metadata_signature1:metadata_signature2[:...]"
# --metadata_size_file if defined, generate a file containing the size of
# the signed payload metadata in bytes to the
# specified file
# Note that the number of signature sizes and payload signatures have to match.
#
# Properties command arguments:
# --payload the input signed or unsigned payload
# --properties_file the output path where to write the properties, or
# '-' for stdout.
# Verify command arguments:
# --payload payload input file
# --source_image verify payload to the specified source image.
# --target_image the target image to verify upon.
# Exit codes:
EX_UNSUPPORTED_DELTA=100
warn() {
echo "brillo_update_payload: warning: $*" >&2
}
die() {
echo "brillo_update_payload: error: $*" >&2
exit 1
}
# Loads shflags. We first look at the default install location; then look for
# crosutils (chroot); finally check our own directory (au-generator zipfile).
load_shflags() {
local my_dir="$(dirname "$(readlink -f "$0")")"
local path
for path in /usr/share/misc {/usr/lib/crosutils,"${my_dir}"}/lib/shflags; do
if [[ -r "${path}/shflags" ]]; then
. "${path}/shflags" || die "Could not load ${path}/shflags."
return
fi
done
die "Could not find shflags."
}
load_shflags
HELP_GENERATE="generate: Generate an unsigned update payload."
HELP_HASH="hash: Generate the hashes of the unsigned payload and metadata used \
for signing."
HELP_SIGN="sign: Insert the signatures into the unsigned payload."
HELP_PROPERTIES="properties: Extract payload properties to a file."
HELP_VERIFY="verify: Verify a (signed) update payload."
usage() {
echo "Supported commands:"
echo
echo "${HELP_GENERATE}"
echo "${HELP_HASH}"
echo "${HELP_SIGN}"
echo "${HELP_PROPERTIES}"
echo "${HELP_VERIFY}"
echo
echo "Use: \"$0 <command> --help\" for more options."
}
# Check that a command is specified.
if [[ $# -lt 1 ]]; then
echo "Please specify a command [generate|hash|sign|properties]"
exit 1
fi
# Parse command.
COMMAND="${1:-}"
shift
case "${COMMAND}" in
generate)
FLAGS_HELP="${HELP_GENERATE}"
;;
hash)
FLAGS_HELP="${HELP_HASH}"
;;
sign)
FLAGS_HELP="${HELP_SIGN}"
;;
properties)
FLAGS_HELP="${HELP_PROPERTIES}"
;;
verify)
FLAGS_HELP="${HELP_VERIFY}"
;;
*)
echo "Unrecognized command: \"${COMMAND}\"" >&2
usage >&2
exit 1
;;
esac
# Flags
FLAGS_HELP="Usage: $0 ${COMMAND} [flags]
${FLAGS_HELP}"
if [[ "${COMMAND}" == "generate" ]]; then
DEFINE_string payload "" \
"Path to output the generated unsigned payload file."
DEFINE_string target_image "" \
"Path to the target image that should be sent to clients."
DEFINE_string source_image "" \
"Optional: Path to a source image. If specified, this makes a delta update."
DEFINE_string metadata_size_file "" \
"Optional: Path to output metadata size."
fi
if [[ "${COMMAND}" == "hash" || "${COMMAND}" == "sign" ]]; then
DEFINE_string unsigned_payload "" "Path to the input unsigned payload."
DEFINE_string signature_size "" \
"Signature sizes in bytes in the following format: size1:size2[:...]"
fi
if [[ "${COMMAND}" == "hash" ]]; then
DEFINE_string metadata_hash_file "" \
"Optional: Path to output metadata hash file."
DEFINE_string payload_hash_file "" \
"Optional: Path to output payload hash file."
fi
if [[ "${COMMAND}" == "sign" ]]; then
DEFINE_string payload "" \
"Path to output the generated unsigned payload file."
DEFINE_string metadata_signature_file "" \
"The metatada signatures in the following format: \
metadata_signature1:metadata_signature2[:...]"
DEFINE_string payload_signature_file "" \
"The payload signatures in the following format: \
payload_signature1:payload_signature2[:...]"
DEFINE_string metadata_size_file "" \
"Optional: Path to output metadata size."
fi
if [[ "${COMMAND}" == "properties" ]]; then
DEFINE_string payload "" \
"Path to the input signed or unsigned payload file."
DEFINE_string properties_file "-" \
"Path to output the extracted property files. If '-' is passed stdout will \
be used."
fi
if [[ "${COMMAND}" == "verify" ]]; then
DEFINE_string payload "" \
"Path to the input payload file."
DEFINE_string target_image "" \
"Path to the target image to verify upon."
DEFINE_string source_image "" \
"Optional: Path to a source image. If specified, the delta update is \
applied to this."
fi
DEFINE_string work_dir "${TMPDIR:-/tmp}" "Where to dump temporary files."
# Parse command line flag arguments
FLAGS "$@" || exit 1
eval set -- "${FLAGS_ARGV}"
set -e
# Override the TMPDIR with the passed work_dir flags, which anyway defaults to
# ${TMPDIR}.
TMPDIR="${FLAGS_work_dir}"
export TMPDIR
# Associative arrays from partition name to file in the source and target
# images. The size of the updated area must be the size of the file.
declare -A SRC_PARTITIONS
declare -A DST_PARTITIONS
# Associative arrays for the .map files associated with each src/dst partition
# file in SRC_PARTITIONS and DST_PARTITIONS.
declare -A SRC_PARTITIONS_MAP
declare -A DST_PARTITIONS_MAP
# List of partition names in order.
declare -a PARTITIONS_ORDER
# A list of temporary files to remove during cleanup.
CLEANUP_FILES=()
# Global options to force the version of the payload.
FORCE_MAJOR_VERSION=""
FORCE_MINOR_VERSION=""
# Path to the postinstall config file in target image if exists.
POSTINSTALL_CONFIG_FILE=""
# read_option_int <file.txt> <option_key> [default_value]
#
# Reads the unsigned integer value associated with |option_key| in a key=value
# file |file.txt|. Prints the read value if found and valid, otherwise prints
# the |default_value|.
read_option_uint() {
local file_txt="$1"
local option_key="$2"
local default_value="${3:-}"
local value
if value=$(look "${option_key}=" "${file_txt}" | tail -n 1); then
if value=$(echo "${value}" | cut -f 2- -d "=" | grep -E "^[0-9]+$"); then
echo "${value}"
return
fi
fi
echo "${default_value}"
}
# truncate_file <file_path> <file_size>
#
# Truncate the given |file_path| to |file_size| using perl.
# The truncate binary might not be available.
truncate_file() {
local file_path="$1"
local file_size="$2"
perl -e "open(FILE, \"+<\", \$ARGV[0]); \
truncate(FILE, ${file_size}); \
close(FILE);" "${file_path}"
}
# Create a temporary file in the work_dir with an optional pattern name.
# Prints the name of the newly created file.
create_tempfile() {
local pattern="${1:-tempfile.XXXXXX}"
mktemp --tmpdir="${FLAGS_work_dir}" "${pattern}"
}
cleanup() {
local err=""
rm -f "${CLEANUP_FILES[@]}" || err=1
# If we are cleaning up after an error, or if we got an error during
# cleanup (even if we eventually succeeded) return a non-zero exit
# code. This triggers additional logging in most environments that call
# this script.
if [[ -n "${err}" ]]; then
die "Cleanup encountered an error."
fi
}
cleanup_on_error() {
trap - INT TERM ERR EXIT
cleanup
die "Cleanup success after an error."
}
cleanup_on_exit() {
trap - INT TERM ERR EXIT
cleanup
}
trap cleanup_on_error INT TERM ERR
trap cleanup_on_exit EXIT
# extract_image <image> <partitions_array> [partitions_order]
#
# Detect the format of the |image| file and extract its updatable partitions
# into new temporary files. Add the list of partition names and its files to the
# associative array passed in |partitions_array|. If |partitions_order| is
# passed, set it to list of partition names in order.
extract_image() {
local image="$1"
# Brillo images are zip files. We detect the 4-byte magic header of the zip
# file.
local magic=$(head --bytes=4 "${image}" | hexdump -e '1/1 "%.2x"')
if [[ "${magic}" == "504b0304" ]]; then
echo "Detected .zip file, extracting Brillo image."
extract_image_brillo "$@"
return
fi
# Chrome OS images are GPT partitioned disks. We should have the cgpt binary
# bundled here and we will use it to extract the partitions, so the GPT
# headers must be valid.
if cgpt show -q -n "${image}" >/dev/null; then
echo "Detected GPT image, extracting Chrome OS image."
extract_image_cros "$@"
return
fi
die "Couldn't detect the image format of ${image}"
}
# extract_image_cros <image.bin> <partitions_array> [partitions_order]
#
# Extract Chromium OS recovery images into new temporary files.
extract_image_cros() {
local image="$1"
local partitions_array="$2"
local partitions_order="${3:-}"
local kernel root
kernel=$(create_tempfile "kernel.bin.XXXXXX")
CLEANUP_FILES+=("${kernel}")
root=$(create_tempfile "root.bin.XXXXXX")
CLEANUP_FILES+=("${root}")
cros_generate_update_payload --extract \
--image "${image}" \
--kern_path "${kernel}" --root_path "${root}" \
--work_dir "${FLAGS_work_dir}" --outside_chroot
# Chrome OS uses major_version 1 payloads for all versions, even if the
# updater supports a newer major version.
FORCE_MAJOR_VERSION="1"
# When generating legacy Chrome OS images, we need to use "boot" and "system"
# for the partition names to be compatible with updating Brillo devices with
# Chrome OS images.
eval ${partitions_array}[boot]=\""${kernel}"\"
eval ${partitions_array}[system]=\""${root}"\"
if [[ -n "${partitions_order}" ]]; then
eval "${partitions_order}=( \"system\" \"boot\" )"
fi
local part varname
for part in boot system; do
varname="${partitions_array}[${part}]"
printf "md5sum of %s: " "${varname}"
md5sum "${!varname}"
done
}
# extract_image_brillo <target_files.zip> <partitions_array> [partitions_order]
#
# Extract the A/B updated partitions from a Brillo target_files zip file into
# new temporary files.
extract_image_brillo() {
local image="$1"
local partitions_array="$2"
local partitions_order="${3:-}"
local partitions=( "boot" "system" )
local ab_partitions_list
ab_partitions_list=$(create_tempfile "ab_partitions_list.XXXXXX")
CLEANUP_FILES+=("${ab_partitions_list}")
if unzip -p "${image}" "META/ab_partitions.txt" >"${ab_partitions_list}"; then
if grep -v -E '^[a-zA-Z0-9_-]*$' "${ab_partitions_list}" >&2; then
die "Invalid partition names found in the partition list."
fi
partitions=($(cat "${ab_partitions_list}"))
if [[ ${#partitions[@]} -eq 0 ]]; then
die "The list of partitions is empty. Can't generate a payload."
fi
else
warn "No ab_partitions.txt found. Using default."
fi
echo "List of A/B partitions: ${partitions[@]}"
if [[ -n "${partitions_order}" ]]; then
eval "${partitions_order}=(${partitions[@]})"
fi
# All Brillo updaters support major version 2.
FORCE_MAJOR_VERSION="2"
if [[ "${partitions_array}" == "SRC_PARTITIONS" ]]; then
# Source image
local ue_config=$(create_tempfile "ue_config.XXXXXX")
CLEANUP_FILES+=("${ue_config}")
if ! unzip -p "${image}" "META/update_engine_config.txt" \
>"${ue_config}"; then
warn "No update_engine_config.txt found. Assuming pre-release image, \
using payload minor version 2"
fi
# For delta payloads, we use the major and minor version supported by the
# old updater.
FORCE_MINOR_VERSION=$(read_option_uint "${ue_config}" \
"PAYLOAD_MINOR_VERSION" 2)
FORCE_MAJOR_VERSION=$(read_option_uint "${ue_config}" \
"PAYLOAD_MAJOR_VERSION" 2)
# Brillo support for deltas started with minor version 3.
if [[ "${FORCE_MINOR_VERSION}" -le 2 ]]; then
warn "No delta support from minor version ${FORCE_MINOR_VERSION}. \
Disabling deltas for this source version."
exit ${EX_UNSUPPORTED_DELTA}
fi
else
# Target image
local postinstall_config=$(create_tempfile "postinstall_config.XXXXXX")
CLEANUP_FILES+=("${postinstall_config}")
if unzip -p "${image}" "META/postinstall_config.txt" \
>"${postinstall_config}"; then
POSTINSTALL_CONFIG_FILE="${postinstall_config}"
fi
fi
local part part_file temp_raw filesize
for part in "${partitions[@]}"; do
part_file=$(create_tempfile "${part}.img.XXXXXX")
CLEANUP_FILES+=("${part_file}")
unzip -p "${image}" "IMAGES/${part}.img" >"${part_file}"
# If the partition is stored as an Android sparse image file, we need to
# convert them to a raw image for the update.
local magic=$(head --bytes=4 "${part_file}" | hexdump -e '1/1 "%.2x"')
if [[ "${magic}" == "3aff26ed" ]]; then
temp_raw=$(create_tempfile "${part}.raw.XXXXXX")
CLEANUP_FILES+=("${temp_raw}")
echo "Converting Android sparse image ${part}.img to RAW."
simg2img "${part_file}" "${temp_raw}"
# At this point, we can drop the contents of the old part_file file, but
# we can't delete the file because it will be deleted in cleanup.
true >"${part_file}"
part_file="${temp_raw}"
fi
# Extract the .map file (if one is available).
part_map_file=$(create_tempfile "${part}.map.XXXXXX")
CLEANUP_FILES+=("${part_map_file}")
unzip -p "${image}" "IMAGES/${part}.map" >"${part_map_file}" || \
part_map_file=""
# delta_generator only supports images multiple of 4 KiB. For target images
# we pad the data with zeros if needed, but for source images we truncate
# down the data since the last block of the old image could be padded on
# disk with unknown data.
filesize=$(stat -c%s "${part_file}")
if [[ $(( filesize % 4096 )) -ne 0 ]]; then
if [[ "${partitions_array}" == "SRC_PARTITIONS" ]]; then
echo "Rounding DOWN partition ${part}.img to a multiple of 4 KiB."
: $(( filesize = filesize & -4096 ))
if [[ ${filesize} == 0 ]]; then
echo "Source partition ${part}.img is empty after rounding down," \
"skipping."
continue
fi
else
echo "Rounding UP partition ${part}.img to a multiple of 4 KiB."
: $(( filesize = (filesize + 4095) & -4096 ))
fi
truncate_file "${part_file}" "${filesize}"
fi
eval "${partitions_array}[\"${part}\"]=\"${part_file}\""
eval "${partitions_array}_MAP[\"${part}\"]=\"${part_map_file}\""
echo "Extracted ${partitions_array}[${part}]: ${filesize} bytes"
done
}
validate_generate() {
[[ -n "${FLAGS_payload}" ]] ||
die "You must specify an output filename with --payload FILENAME"
[[ -n "${FLAGS_target_image}" ]] ||
die "You must specify a target image with --target_image FILENAME"
}
cmd_generate() {
local payload_type="delta"
if [[ -z "${FLAGS_source_image}" ]]; then
payload_type="full"
fi
echo "Extracting images for ${payload_type} update."
extract_image "${FLAGS_target_image}" DST_PARTITIONS PARTITIONS_ORDER
if [[ "${payload_type}" == "delta" ]]; then
extract_image "${FLAGS_source_image}" SRC_PARTITIONS
fi
echo "Generating ${payload_type} update."
# Common payload args:
GENERATOR_ARGS=( -out_file="${FLAGS_payload}" )
local part old_partitions="" new_partitions="" partition_names=""
local old_mapfiles="" new_mapfiles=""
for part in "${PARTITIONS_ORDER[@]}"; do
if [[ -n "${partition_names}" ]]; then
partition_names+=":"
new_partitions+=":"
old_partitions+=":"
new_mapfiles+=":"
old_mapfiles+=":"
fi
partition_names+="${part}"
new_partitions+="${DST_PARTITIONS[${part}]}"
old_partitions+="${SRC_PARTITIONS[${part}]:-}"
new_mapfiles+="${DST_PARTITIONS_MAP[${part}]:-}"
old_mapfiles+="${SRC_PARTITIONS_MAP[${part}]:-}"
done
# Target image args:
GENERATOR_ARGS+=(
-partition_names="${partition_names}"
-new_partitions="${new_partitions}"
-new_mapfiles="${new_mapfiles}"
)
if [[ "${payload_type}" == "delta" ]]; then
# Source image args:
GENERATOR_ARGS+=(
-old_partitions="${old_partitions}"
-old_mapfiles="${old_mapfiles}"
)
if [[ -n "${FORCE_MINOR_VERSION}" ]]; then
GENERATOR_ARGS+=( --minor_version="${FORCE_MINOR_VERSION}" )
fi
fi
if [[ -n "${FORCE_MAJOR_VERSION}" ]]; then
GENERATOR_ARGS+=( --major_version="${FORCE_MAJOR_VERSION}" )
fi
if [[ -n "${FLAGS_metadata_size_file}" ]]; then
GENERATOR_ARGS+=( --out_metadata_size_file="${FLAGS_metadata_size_file}" )
fi
if [[ -n "${POSTINSTALL_CONFIG_FILE}" ]]; then
GENERATOR_ARGS+=(
--new_postinstall_config_file="${POSTINSTALL_CONFIG_FILE}"
)
fi
echo "Running delta_generator with args: ${GENERATOR_ARGS[@]}"
"${GENERATOR}" "${GENERATOR_ARGS[@]}"
echo "Done generating ${payload_type} update."
}
validate_hash() {
[[ -n "${FLAGS_signature_size}" ]] ||
die "You must specify signature size with --signature_size SIZES"
[[ -n "${FLAGS_unsigned_payload}" ]] ||
die "You must specify the input unsigned payload with \
--unsigned_payload FILENAME"
[[ -n "${FLAGS_payload_hash_file}" ]] ||
die "You must specify --payload_hash_file FILENAME"
[[ -n "${FLAGS_metadata_hash_file}" ]] ||
die "You must specify --metadata_hash_file FILENAME"
}
cmd_hash() {
"${GENERATOR}" \
-in_file="${FLAGS_unsigned_payload}" \
-signature_size="${FLAGS_signature_size}" \
-out_hash_file="${FLAGS_payload_hash_file}" \
-out_metadata_hash_file="${FLAGS_metadata_hash_file}"
echo "Done generating hash."
}
validate_sign() {
[[ -n "${FLAGS_signature_size}" ]] ||
die "You must specify signature size with --signature_size SIZES"
[[ -n "${FLAGS_unsigned_payload}" ]] ||
die "You must specify the input unsigned payload with \
--unsigned_payload FILENAME"
[[ -n "${FLAGS_payload}" ]] ||
die "You must specify the output signed payload with --payload FILENAME"
[[ -n "${FLAGS_payload_signature_file}" ]] ||
die "You must specify the payload signature file with \
--payload_signature_file SIGNATURES"
[[ -n "${FLAGS_metadata_signature_file}" ]] ||
die "You must specify the metadata signature file with \
--metadata_signature_file SIGNATURES"
}
cmd_sign() {
GENERATOR_ARGS=(
-in_file="${FLAGS_unsigned_payload}"
-signature_size="${FLAGS_signature_size}"
-signature_file="${FLAGS_payload_signature_file}"
-metadata_signature_file="${FLAGS_metadata_signature_file}"
-out_file="${FLAGS_payload}"
)
if [[ -n "${FLAGS_metadata_size_file}" ]]; then
GENERATOR_ARGS+=( --out_metadata_size_file="${FLAGS_metadata_size_file}" )
fi
"${GENERATOR}" "${GENERATOR_ARGS[@]}"
echo "Done signing payload."
}
validate_properties() {
[[ -n "${FLAGS_payload}" ]] ||
die "You must specify the payload file with --payload FILENAME"
[[ -n "${FLAGS_properties_file}" ]] ||
die "You must specify a non empty --properties_file FILENAME"
}
cmd_properties() {
"${GENERATOR}" \
-in_file="${FLAGS_payload}" \
-properties_file="${FLAGS_properties_file}"
}
validate_verify() {
[[ -n "${FLAGS_payload}" ]] ||
die "Error: you must specify an input filename with --payload FILENAME"
[[ -n "${FLAGS_target_image}" ]] ||
die "Error: you must specify a target image with --target_image FILENAME"
}
cmd_verify() {
local payload_type="delta"
if [[ -z "${FLAGS_source_image}" ]]; then
payload_type="full"
fi
echo "Extracting images for ${payload_type} update."
if [[ "${payload_type}" == "delta" ]]; then
extract_image "${FLAGS_source_image}" SRC_PARTITIONS
fi
extract_image "${FLAGS_target_image}" DST_PARTITIONS PARTITIONS_ORDER
declare -A TMP_PARTITIONS
for part in "${PARTITIONS_ORDER[@]}"; do
local tmp_part=$(create_tempfile "tmp_part.bin.XXXXXX")
echo "Creating temporary target partition ${tmp_part} for ${part}"
CLEANUP_FILES+=("${tmp_part}")
TMP_PARTITIONS[${part}]=${tmp_part}
local FILESIZE=$(stat -c%s "${DST_PARTITIONS[${part}]}")
echo "Truncating ${TMP_PARTITIONS[${part}]} to ${FILESIZE}"
truncate_file "${TMP_PARTITIONS[${part}]}" "${FILESIZE}"
done
echo "Verifying ${payload_type} update."
# Common payload args:
GENERATOR_ARGS=( -in_file="${FLAGS_payload}" )
local part old_partitions="" new_partitions="" partition_names=""
for part in "${PARTITIONS_ORDER[@]}"; do
if [[ -n "${partition_names}" ]]; then
partition_names+=":"
new_partitions+=":"
old_partitions+=":"
fi
partition_names+="${part}"
new_partitions+="${TMP_PARTITIONS[${part}]}"
old_partitions+="${SRC_PARTITIONS[${part}]:-}"
done
# Target image args:
GENERATOR_ARGS+=(
-partition_names="${partition_names}"
-new_partitions="${new_partitions}"
)
if [[ "${payload_type}" == "delta" ]]; then
# Source image args:
GENERATOR_ARGS+=(
-old_partitions="${old_partitions}"
)
fi
if [[ -n "${FORCE_MAJOR_VERSION}" ]]; then
GENERATOR_ARGS+=( --major_version="${FORCE_MAJOR_VERSION}" )
fi
echo "Running delta_generator to verify ${payload_type} payload with args: \
${GENERATOR_ARGS[@]}"
"${GENERATOR}" "${GENERATOR_ARGS[@]}"
if [[ $? -eq 0 ]]; then
echo "Done applying ${payload_type} update."
echo "Checking the newly generated partitions against the target partitions"
for part in "${PARTITIONS_ORDER[@]}"; do
cmp "${TMP_PARTITIONS[${part}]}" "${DST_PARTITIONS[${part}]}"
local not_str=""
if [[ $? -ne 0 ]]; then
not_str="in"
fi
echo "The new partition (${part}) is ${not_str}valid."
done
else
echo "Failed to apply ${payload_type} update."
fi
}
# Sanity check that the real generator exists:
GENERATOR="$(which delta_generator || true)"
[[ -x "${GENERATOR}" ]] || die "can't find delta_generator"
case "$COMMAND" in
generate) validate_generate
cmd_generate
;;
hash) validate_hash
cmd_hash
;;
sign) validate_sign
cmd_sign
;;
properties) validate_properties
cmd_properties
;;
verify) validate_verify
cmd_verify
;;
esac
|
