// // Copyright (C) 2020 The Android Open Source Project // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. // #include "update_engine/payload_consumer/vabc_partition_writer.h" #include #include #include #include #include #include #include #include #include #include "update_engine/common/cow_operation_convert.h" #include "update_engine/common/utils.h" #include "update_engine/payload_consumer/block_extent_writer.h" #include "update_engine/payload_consumer/extent_map.h" #include "update_engine/payload_consumer/extent_reader.h" #include "update_engine/payload_consumer/file_descriptor.h" #include "update_engine/payload_consumer/file_descriptor_utils.h" #include "update_engine/payload_consumer/install_plan.h" #include "update_engine/payload_consumer/partition_writer.h" #include "update_engine/payload_consumer/snapshot_extent_writer.h" #include "update_engine/payload_consumer/xor_extent_writer.h" #include "update_engine/payload_generator/extent_ranges.h" #include "update_engine/payload_generator/extent_utils.h" #include "update_engine/update_metadata.pb.h" namespace chromeos_update_engine { // Expected layout of COW file: // === Beginning of Cow Image === // All Source Copy Operations // ========== Label 0 ========== // Operation 0 in PartitionUpdate // ========== Label 1 ========== // Operation 1 in PartitionUpdate // ========== label 2 ========== // Operation 2 in PartitionUpdate // ========== label 3 ========== // . // . // . // When resuming, pass |next_op_index_| as label to // |InitializeWithAppend|. // For example, suppose we finished writing SOURCE_COPY, and we finished writing // operation 2 completely. Update is suspended when we are half way through // operation 3. // |cnext_op_index_| would be 3, so we pass 3 as // label to |InitializeWithAppend|. The CowWriter will retain all data before // label 3, Which contains all operation 2's data, but none of operation 3's // data. using android::snapshot::ICowWriter; using ::google::protobuf::RepeatedPtrField; // Compute XOR map, a map from dst extent to corresponding merge operation static ExtentMap ComputeXorMap( const RepeatedPtrField& merge_ops) { ExtentMap xor_map; for (const auto& merge_op : merge_ops) { if (merge_op.type() == CowMergeOperation::COW_XOR) { xor_map.AddExtent(merge_op.dst_extent(), &merge_op); } } return xor_map; } VABCPartitionWriter::VABCPartitionWriter( const PartitionUpdate& partition_update, const InstallPlan::Partition& install_part, DynamicPartitionControlInterface* dynamic_control, size_t block_size) : partition_update_(partition_update), install_part_(install_part), dynamic_control_(dynamic_control), block_size_(block_size), executor_(block_size), verified_source_fd_(block_size, install_part.source_path) {} bool VABCPartitionWriter::Init(const InstallPlan* install_plan, bool source_may_exist, size_t next_op_index) { if (dynamic_control_->GetVirtualAbCompressionXorFeatureFlag().IsEnabled()) { xor_map_ = ComputeXorMap(partition_update_.merge_operations()); if (xor_map_.size() > 0) { LOG(INFO) << "Virtual AB Compression with XOR is enabled"; } else { LOG(INFO) << "Device supports Virtual AB compression with XOR, but OTA " "package does not."; } } else { LOG(INFO) << "Virtual AB Compression with XOR is disabled."; } TEST_AND_RETURN_FALSE(install_plan != nullptr); if (source_may_exist && install_part_.source_size > 0) { TEST_AND_RETURN_FALSE(!install_part_.source_path.empty()); TEST_AND_RETURN_FALSE(verified_source_fd_.Open()); } std::optional source_path; if (!install_part_.source_path.empty()) { // TODO(zhangkelvin) Make |source_path| a std::optional source_path = install_part_.source_path; } cow_writer_ = dynamic_control_->OpenCowWriter( install_part_.name, source_path, install_plan->is_resume); TEST_AND_RETURN_FALSE(cow_writer_ != nullptr); // ===== Resume case handling code goes here ==== // It is possible that the SOURCE_COPY are already written but // |next_op_index_| is still 0. In this case we discard previously written // SOURCE_COPY, and start over. if (install_plan->is_resume && next_op_index > 0) { LOG(INFO) << "Resuming update on partition `" << partition_update_.partition_name() << "` op index " << next_op_index; TEST_AND_RETURN_FALSE(cow_writer_->InitializeAppend(next_op_index)); return true; } else { TEST_AND_RETURN_FALSE(cow_writer_->Initialize()); } // ============================================== if (!partition_update_.merge_operations().empty()) { if (IsXorEnabled()) { LOG(INFO) << "VABC XOR enabled for partition " << partition_update_.partition_name(); TEST_AND_RETURN_FALSE(WriteMergeSequence( partition_update_.merge_operations(), cow_writer_.get())); } } // TODO(zhangkelvin) Rewrite this in C++20 coroutine once that's available. // TODO(177104308) Don't write all COPY ops up-front if merge sequence is // written const auto converted = ConvertToCowOperations( partition_update_.operations(), partition_update_.merge_operations()); if (!converted.empty()) { // Use source fd directly. Ideally we want to verify all extents used in // source copy, but then what do we do if some extents contain correct // hashes and some don't? auto source_fd = std::make_shared(); TEST_AND_RETURN_FALSE_ERRNO( source_fd->Open(install_part_.source_path.c_str(), O_RDONLY)); TEST_AND_RETURN_FALSE(WriteSourceCopyCowOps( block_size_, converted, cow_writer_.get(), source_fd)); cow_writer_->AddLabel(0); } return true; } bool VABCPartitionWriter::WriteMergeSequence( const RepeatedPtrField& merge_sequence, ICowWriter* cow_writer) { std::vector blocks_merge_order; for (const auto& merge_op : merge_sequence) { const auto& dst_extent = merge_op.dst_extent(); const auto& src_extent = merge_op.src_extent(); // In place copy are basically noops, they do not need to be "merged" at // all, don't include them in merge sequence. if (merge_op.type() == CowMergeOperation::COW_COPY && merge_op.src_extent() == merge_op.dst_extent()) { continue; } const bool extent_overlap = ExtentRanges::ExtentsOverlap(src_extent, dst_extent); // TODO(193863443) Remove this check once this feature // lands on all pixel devices. const bool is_ascending = android::base::GetBoolProperty( "ro.virtual_ab.userspace.snapshots.enabled", false); // If this is a self-overlapping op and |dst_extent| comes after // |src_extent|, we must write in reverse order for correctness. // // If this is self-overlapping op and |dst_extent| comes before // |src_extent|, we must write in ascending order for correctness. // // If this isn't a self overlapping op, write block in ascending order // if userspace snapshots are enabled if (extent_overlap) { if (dst_extent.start_block() <= src_extent.start_block()) { for (size_t i = 0; i < dst_extent.num_blocks(); i++) { blocks_merge_order.push_back(dst_extent.start_block() + i); } } else { for (int i = dst_extent.num_blocks() - 1; i >= 0; i--) { blocks_merge_order.push_back(dst_extent.start_block() + i); } } } else { if (is_ascending) { for (size_t i = 0; i < dst_extent.num_blocks(); i++) { blocks_merge_order.push_back(dst_extent.start_block() + i); } } else { for (int i = dst_extent.num_blocks() - 1; i >= 0; i--) { blocks_merge_order.push_back(dst_extent.start_block() + i); } } } } return cow_writer->AddSequenceData(blocks_merge_order.size(), blocks_merge_order.data()); } bool VABCPartitionWriter::WriteSourceCopyCowOps( size_t block_size, const std::vector& converted, ICowWriter* cow_writer, FileDescriptorPtr source_fd) { for (const auto& cow_op : converted) { std::vector buffer; switch (cow_op.op) { case CowOperation::CowCopy: if (cow_op.src_block == cow_op.dst_block) { continue; } // Add blocks in reverse order, because snapused specifically prefers // this ordering. Since we already eliminated all self-overlapping // SOURCE_COPY during delta generation, this should be safe to do. for (size_t i = cow_op.block_count; i > 0; i--) { TEST_AND_RETURN_FALSE(cow_writer->AddCopy(cow_op.dst_block + i - 1, cow_op.src_block + i - 1)); } break; case CowOperation::CowReplace: buffer.resize(block_size * cow_op.block_count); ssize_t bytes_read = 0; TEST_AND_RETURN_FALSE(utils::ReadAll(source_fd, buffer.data(), block_size * cow_op.block_count, cow_op.src_block * block_size, &bytes_read)); if (bytes_read <= 0 || static_cast(bytes_read) != buffer.size()) { LOG(ERROR) << "source_fd->Read failed: " << bytes_read; return false; } TEST_AND_RETURN_FALSE(cow_writer->AddRawBlocks( cow_op.dst_block, buffer.data(), buffer.size())); break; } } return true; } std::unique_ptr VABCPartitionWriter::CreateBaseExtentWriter() { return std::make_unique(cow_writer_.get()); } [[nodiscard]] bool VABCPartitionWriter::PerformZeroOrDiscardOperation( const InstallOperation& operation) { for (const auto& extent : operation.dst_extents()) { TEST_AND_RETURN_FALSE( cow_writer_->AddZeroBlocks(extent.start_block(), extent.num_blocks())); } return true; } [[nodiscard]] bool VABCPartitionWriter::PerformSourceCopyOperation( const InstallOperation& operation, ErrorCode* error) { // COPY ops are already handled during Init(), no need to do actual work, but // we still want to verify that all blocks contain expected data. auto source_fd = std::make_shared(); TEST_AND_RETURN_FALSE_ERRNO( source_fd->Open(install_part_.source_path.c_str(), O_RDONLY)); if (!operation.has_src_sha256_hash()) { return true; } return PartitionWriter::ValidateSourceHash( operation, source_fd, block_size_, error); } bool VABCPartitionWriter::PerformReplaceOperation(const InstallOperation& op, const void* data, size_t count) { // Setup the ExtentWriter stack based on the operation type. std::unique_ptr writer = CreateBaseExtentWriter(); return executor_.ExecuteReplaceOperation(op, std::move(writer), data, count); } bool VABCPartitionWriter::PerformDiffOperation( const InstallOperation& operation, ErrorCode* error, const void* data, size_t count) { FileDescriptorPtr source_fd = verified_source_fd_.ChooseSourceFD(operation, error); TEST_AND_RETURN_FALSE(source_fd != nullptr); TEST_AND_RETURN_FALSE(source_fd->IsOpen()); std::unique_ptr writer = IsXorEnabled() ? std::make_unique( operation, source_fd, cow_writer_.get(), xor_map_) : CreateBaseExtentWriter(); return executor_.ExecuteDiffOperation( operation, std::move(writer), source_fd, data, count); } void VABCPartitionWriter::CheckpointUpdateProgress(size_t next_op_index) { // No need to call fsync/sync, as CowWriter flushes after a label is added // added. // if cow_writer_ failed, that means Init() failed. This function shouldn't be // called if Init() fails. TEST_AND_RETURN(cow_writer_ != nullptr); cow_writer_->AddLabel(next_op_index); } [[nodiscard]] bool VABCPartitionWriter::FinishedInstallOps() { // Add a hardcoded magic label to indicate end of all install ops. This label // is needed by filesystem verification, don't remove. TEST_AND_RETURN_FALSE(cow_writer_ != nullptr); TEST_AND_RETURN_FALSE(cow_writer_->AddLabel(kEndOfInstallLabel)); TEST_AND_RETURN_FALSE(cow_writer_->Finalize()); TEST_AND_RETURN_FALSE(cow_writer_->VerifyMergeOps()); return true; } VABCPartitionWriter::~VABCPartitionWriter() { Close(); } int VABCPartitionWriter::Close() { if (cow_writer_) { cow_writer_->Finalize(); cow_writer_ = nullptr; } return 0; } } // namespace chromeos_update_engine