1 /*
2  * Copyright (C) 2014 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 // This program takes a file on an ext4 filesystem and produces a list
18 // of the blocks that file occupies, which enables the file contents
19 // to be read directly from the block device without mounting the
20 // filesystem.
21 //
22 // If the filesystem is using an encrypted block device, it will also
23 // read the file and rewrite it to the same blocks of the underlying
24 // (unencrypted) block device, so the file contents can be read
25 // without the need for the decryption key.
26 //
27 // The output of this program is a "block map" which looks like this:
28 //
29 //     /dev/block/platform/msm_sdcc.1/by-name/userdata     # block device
30 //     49652 4096                        # file size in bytes, block size
31 //     3                                 # count of block ranges
32 //     1000 1008                         # block range 0
33 //     2100 2102                         # ... block range 1
34 //     30 33                             # ... block range 2
35 //
36 // Each block range represents a half-open interval; the line "30 33"
37 // reprents the blocks [30, 31, 32].
38 //
39 // Recovery can take this block map file and retrieve the underlying
40 // file data to use as an update package.
41 
42 /**
43  * In addition to the uncrypt work, uncrypt also takes care of setting and
44  * clearing the bootloader control block (BCB) at /misc partition.
45  *
46  * uncrypt is triggered as init services on demand. It uses socket to
47  * communicate with its caller (i.e. system_server). The socket is managed by
48  * init (i.e. created prior to the service starts, and destroyed when uncrypt
49  * exits).
50  *
51  * Below is the uncrypt protocol.
52  *
53  *    a. caller                 b. init                    c. uncrypt
54  * ---------------            ------------               --------------
55  *  a1. ctl.start:
56  *    setup-bcb /
57  *    clear-bcb /
58  *    uncrypt
59  *
60  *                         b2. create socket at
61  *                           /dev/socket/uncrypt
62  *
63  *                                                   c3. listen and accept
64  *
65  *  a4. send a 4-byte int
66  *    (message length)
67  *                                                   c5. receive message length
68  *  a6. send message
69  *                                                   c7. receive message
70  *                                                   c8. <do the work; may send
71  *                                                      the progress>
72  *  a9. <may handle progress>
73  *                                                   c10. <upon finishing>
74  *                                                     send "100" or "-1"
75  *
76  *  a11. receive status code
77  *  a12. send a 4-byte int to
78  *    ack the receive of the
79  *    final status code
80  *                                                   c13. receive and exit
81  *
82  *                          b14. destroy the socket
83  *
84  * Note that a12 and c13 are necessary to ensure a11 happens before the socket
85  * gets destroyed in b14.
86  */
87 
88 #include <arpa/inet.h>
89 #include <errno.h>
90 #include <fcntl.h>
91 #include <inttypes.h>
92 #include <linux/fs.h>
93 #include <stdarg.h>
94 #include <stdio.h>
95 #include <stdlib.h>
96 #include <string.h>
97 #include <sys/mman.h>
98 #include <sys/socket.h>
99 #include <sys/stat.h>
100 #include <sys/types.h>
101 #include <unistd.h>
102 
103 #include <algorithm>
104 #include <memory>
105 #include <string>
106 #include <vector>
107 
108 #include <android-base/file.h>
109 #include <android-base/logging.h>
110 #include <android-base/properties.h>
111 #include <android-base/stringprintf.h>
112 #include <android-base/strings.h>
113 #include <android-base/unique_fd.h>
114 #include <bootloader_message/bootloader_message.h>
115 #include <cutils/android_reboot.h>
116 #include <cutils/sockets.h>
117 #include <fs_mgr.h>
118 #include <fstab/fstab.h>
119 
120 #include "otautil/error_code.h"
121 
122 using android::fs_mgr::Fstab;
123 using android::fs_mgr::ReadDefaultFstab;
124 
125 static constexpr int WINDOW_SIZE = 5;
126 static constexpr int FIBMAP_RETRY_LIMIT = 3;
127 
128 // uncrypt provides three services: SETUP_BCB, CLEAR_BCB and UNCRYPT.
129 //
130 // SETUP_BCB and CLEAR_BCB services use socket communication and do not rely
131 // on /cache partitions. They will handle requests to reboot into recovery
132 // (for applying updates for non-A/B devices, or factory resets for all
133 // devices).
134 //
135 // UNCRYPT service still needs files on /cache partition (UNCRYPT_PATH_FILE
136 // and CACHE_BLOCK_MAP). It will be working (and needed) only for non-A/B
137 // devices, on which /cache partitions always exist.
138 static const std::string CACHE_BLOCK_MAP = "/cache/recovery/block.map";
139 static const std::string UNCRYPT_PATH_FILE = "/cache/recovery/uncrypt_file";
140 static const std::string UNCRYPT_STATUS = "/cache/recovery/uncrypt_status";
141 static const std::string UNCRYPT_SOCKET = "uncrypt";
142 
143 static Fstab fstab;
144 
write_at_offset(unsigned char * buffer,size_t size,int wfd,off64_t offset)145 static int write_at_offset(unsigned char* buffer, size_t size, int wfd, off64_t offset) {
146     if (TEMP_FAILURE_RETRY(lseek64(wfd, offset, SEEK_SET)) == -1) {
147         PLOG(ERROR) << "error seeking to offset " << offset;
148         return -1;
149     }
150     if (!android::base::WriteFully(wfd, buffer, size)) {
151         PLOG(ERROR) << "error writing offset " << offset;
152         return -1;
153     }
154     return 0;
155 }
156 
add_block_to_ranges(std::vector<int> & ranges,int new_block)157 static void add_block_to_ranges(std::vector<int>& ranges, int new_block) {
158     if (!ranges.empty() && new_block == ranges.back()) {
159         // If the new block comes immediately after the current range,
160         // all we have to do is extend the current range.
161         ++ranges.back();
162     } else {
163         // We need to start a new range.
164         ranges.push_back(new_block);
165         ranges.push_back(new_block + 1);
166     }
167 }
168 
169 // Looks for a volume whose mount point is the prefix of path and returns its block device or an
170 // empty string. Sets encryption flags accordingly.
FindBlockDevice(const std::string & path,bool * encryptable,bool * encrypted,bool * f2fs_fs)171 static std::string FindBlockDevice(const std::string& path, bool* encryptable, bool* encrypted,
172                                    bool* f2fs_fs) {
173   // Ensure f2fs_fs is set to false first.
174   *f2fs_fs = false;
175 
176   for (const auto& entry : fstab) {
177     if (entry.mount_point.empty()) {
178       continue;
179     }
180     if (android::base::StartsWith(path, entry.mount_point + "/")) {
181       *encrypted = false;
182       *encryptable = false;
183       if (entry.is_encryptable() || entry.fs_mgr_flags.file_encryption) {
184         *encryptable = true;
185         if (android::base::GetProperty("ro.crypto.state", "") == "encrypted") {
186           *encrypted = true;
187         }
188       }
189       if (entry.fs_type == "f2fs") {
190         *f2fs_fs = true;
191       }
192       return entry.blk_device;
193     }
194   }
195 
196   return "";
197 }
198 
write_status_to_socket(int status,int socket)199 static bool write_status_to_socket(int status, int socket) {
200     // If socket equals -1, uncrypt is in debug mode without socket communication.
201     // Skip writing and return success.
202     if (socket == -1) {
203         return true;
204     }
205     int status_out = htonl(status);
206     return android::base::WriteFully(socket, &status_out, sizeof(int));
207 }
208 
209 // Parses the given path file to find the update package name.
FindUncryptPackage(const std::string & uncrypt_path_file,std::string * package_name)210 static bool FindUncryptPackage(const std::string& uncrypt_path_file, std::string* package_name) {
211   CHECK(package_name != nullptr);
212   std::string uncrypt_path;
213   if (!android::base::ReadFileToString(uncrypt_path_file, &uncrypt_path)) {
214     PLOG(ERROR) << "failed to open \"" << uncrypt_path_file << "\"";
215     return false;
216   }
217 
218   // Remove the trailing '\n' if present.
219   *package_name = android::base::Trim(uncrypt_path);
220   return true;
221 }
222 
RetryFibmap(int fd,const std::string & name,int * block,const int head_block)223 static int RetryFibmap(int fd, const std::string& name, int* block, const int head_block) {
224   CHECK(block != nullptr);
225   for (size_t i = 0; i < FIBMAP_RETRY_LIMIT; i++) {
226     if (fsync(fd) == -1) {
227       PLOG(ERROR) << "failed to fsync \"" << name << "\"";
228       return kUncryptFileSyncError;
229     }
230     if (ioctl(fd, FIBMAP, block) != 0) {
231       PLOG(ERROR) << "failed to find block " << head_block;
232       return kUncryptIoctlError;
233     }
234     if (*block != 0) {
235       return kUncryptNoError;
236     }
237     sleep(1);
238   }
239   LOG(ERROR) << "fibmap of " << head_block << " always returns 0";
240   return kUncryptIoctlError;
241 }
242 
ProductBlockMap(const std::string & path,const std::string & map_file,const std::string & blk_dev,bool encrypted,bool f2fs_fs,int socket)243 static int ProductBlockMap(const std::string& path, const std::string& map_file,
244                            const std::string& blk_dev, bool encrypted, bool f2fs_fs, int socket) {
245   std::string err;
246   if (!android::base::RemoveFileIfExists(map_file, &err)) {
247     LOG(ERROR) << "failed to remove the existing map file " << map_file << ": " << err;
248     return kUncryptFileRemoveError;
249   }
250   std::string tmp_map_file = map_file + ".tmp";
251   android::base::unique_fd mapfd(open(tmp_map_file.c_str(), O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR));
252   if (mapfd == -1) {
253     PLOG(ERROR) << "failed to open " << tmp_map_file;
254     return kUncryptFileOpenError;
255   }
256 
257   // Make sure we can write to the socket.
258   if (!write_status_to_socket(0, socket)) {
259     LOG(ERROR) << "failed to write to socket " << socket;
260     return kUncryptSocketWriteError;
261   }
262 
263   struct stat sb;
264   if (stat(path.c_str(), &sb) != 0) {
265     PLOG(ERROR) << "failed to stat " << path;
266     return kUncryptFileStatError;
267   }
268 
269   LOG(INFO) << " block size: " << sb.st_blksize << " bytes";
270 
271   int blocks = ((sb.st_size - 1) / sb.st_blksize) + 1;
272   LOG(INFO) << "  file size: " << sb.st_size << " bytes, " << blocks << " blocks";
273 
274   std::vector<int> ranges;
275 
276   std::string s = android::base::StringPrintf("%s\n%" PRId64 " %" PRId64 "\n", blk_dev.c_str(),
277                                               static_cast<int64_t>(sb.st_size),
278                                               static_cast<int64_t>(sb.st_blksize));
279   if (!android::base::WriteStringToFd(s, mapfd)) {
280     PLOG(ERROR) << "failed to write " << tmp_map_file;
281     return kUncryptWriteError;
282   }
283 
284   std::vector<std::vector<unsigned char>> buffers;
285   if (encrypted) {
286     buffers.resize(WINDOW_SIZE, std::vector<unsigned char>(sb.st_blksize));
287   }
288   int head_block = 0;
289   int head = 0, tail = 0;
290 
291   android::base::unique_fd fd(open(path.c_str(), O_RDWR));
292   if (fd == -1) {
293     PLOG(ERROR) << "failed to open " << path << " for reading";
294     return kUncryptFileOpenError;
295   }
296 
297   android::base::unique_fd wfd;
298   if (encrypted) {
299     wfd.reset(open(blk_dev.c_str(), O_WRONLY));
300     if (wfd == -1) {
301       PLOG(ERROR) << "failed to open " << blk_dev << " for writing";
302       return kUncryptBlockOpenError;
303     }
304   }
305 
306 // F2FS-specific ioctl
307 // It requires the below kernel commit merged in v4.16-rc1.
308 //   1ad71a27124c ("f2fs: add an ioctl to disable GC for specific file")
309 // In android-4.4,
310 //   56ee1e817908 ("f2fs: updates on v4.16-rc1")
311 // In android-4.9,
312 //   2f17e34672a8 ("f2fs: updates on v4.16-rc1")
313 // In android-4.14,
314 //   ce767d9a55bc ("f2fs: updates on v4.16-rc1")
315 #ifndef F2FS_IOC_SET_PIN_FILE
316 #ifndef F2FS_IOCTL_MAGIC
317 #define F2FS_IOCTL_MAGIC		0xf5
318 #endif
319 #define F2FS_IOC_SET_PIN_FILE	_IOW(F2FS_IOCTL_MAGIC, 13, __u32)
320 #define F2FS_IOC_GET_PIN_FILE	_IOR(F2FS_IOCTL_MAGIC, 14, __u32)
321 #endif
322     if (f2fs_fs) {
323         __u32 set = 1;
324         int error = ioctl(fd, F2FS_IOC_SET_PIN_FILE, &set);
325         // Don't break the old kernels which don't support it.
326         if (error && errno != ENOTTY && errno != ENOTSUP) {
327             PLOG(ERROR) << "Failed to set pin_file for f2fs: " << path << " on " << blk_dev;
328             return kUncryptIoctlError;
329         }
330     }
331 
332     off64_t pos = 0;
333     int last_progress = 0;
334     while (pos < sb.st_size) {
335         // Update the status file, progress must be between [0, 99].
336         int progress = static_cast<int>(100 * (double(pos) / double(sb.st_size)));
337         if (progress > last_progress) {
338             last_progress = progress;
339             write_status_to_socket(progress, socket);
340         }
341 
342         if ((tail+1) % WINDOW_SIZE == head) {
343             // write out head buffer
344             int block = head_block;
345             if (ioctl(fd, FIBMAP, &block) != 0) {
346                 PLOG(ERROR) << "failed to find block " << head_block;
347                 return kUncryptIoctlError;
348             }
349 
350             if (block == 0) {
351                 LOG(ERROR) << "failed to find block " << head_block << ", retrying";
352                 int error = RetryFibmap(fd, path, &block, head_block);
353                 if (error != kUncryptNoError) {
354                     return error;
355                 }
356             }
357 
358             add_block_to_ranges(ranges, block);
359             if (encrypted) {
360                 if (write_at_offset(buffers[head].data(), sb.st_blksize, wfd,
361                                     static_cast<off64_t>(sb.st_blksize) * block) != 0) {
362                     return kUncryptWriteError;
363                 }
364             }
365             head = (head + 1) % WINDOW_SIZE;
366             ++head_block;
367         }
368 
369         // read next block to tail
370         if (encrypted) {
371             size_t to_read = static_cast<size_t>(
372                     std::min(static_cast<off64_t>(sb.st_blksize), sb.st_size - pos));
373             if (!android::base::ReadFully(fd, buffers[tail].data(), to_read)) {
374                 PLOG(ERROR) << "failed to read " << path;
375                 return kUncryptReadError;
376             }
377             pos += to_read;
378         } else {
379             // If we're not encrypting; we don't need to actually read
380             // anything, just skip pos forward as if we'd read a
381             // block.
382             pos += sb.st_blksize;
383         }
384         tail = (tail+1) % WINDOW_SIZE;
385     }
386 
387     while (head != tail) {
388         // write out head buffer
389         int block = head_block;
390         if (ioctl(fd, FIBMAP, &block) != 0) {
391             PLOG(ERROR) << "failed to find block " << head_block;
392             return kUncryptIoctlError;
393         }
394 
395         if (block == 0) {
396             LOG(ERROR) << "failed to find block " << head_block << ", retrying";
397             int error = RetryFibmap(fd, path, &block, head_block);
398             if (error != kUncryptNoError) {
399                 return error;
400             }
401         }
402 
403         add_block_to_ranges(ranges, block);
404         if (encrypted) {
405             if (write_at_offset(buffers[head].data(), sb.st_blksize, wfd,
406                                 static_cast<off64_t>(sb.st_blksize) * block) != 0) {
407                 return kUncryptWriteError;
408             }
409         }
410         head = (head + 1) % WINDOW_SIZE;
411         ++head_block;
412     }
413 
414     if (!android::base::WriteStringToFd(
415             android::base::StringPrintf("%zu\n", ranges.size() / 2), mapfd)) {
416         PLOG(ERROR) << "failed to write " << tmp_map_file;
417         return kUncryptWriteError;
418     }
419     for (size_t i = 0; i < ranges.size(); i += 2) {
420         if (!android::base::WriteStringToFd(
421                 android::base::StringPrintf("%d %d\n", ranges[i], ranges[i+1]), mapfd)) {
422             PLOG(ERROR) << "failed to write " << tmp_map_file;
423             return kUncryptWriteError;
424         }
425     }
426 
427     if (fsync(mapfd) == -1) {
428         PLOG(ERROR) << "failed to fsync \"" << tmp_map_file << "\"";
429         return kUncryptFileSyncError;
430     }
431     if (close(mapfd.release()) == -1) {
432         PLOG(ERROR) << "failed to close " << tmp_map_file;
433         return kUncryptFileCloseError;
434     }
435 
436     if (encrypted) {
437         if (fsync(wfd) == -1) {
438             PLOG(ERROR) << "failed to fsync \"" << blk_dev << "\"";
439             return kUncryptFileSyncError;
440         }
441         if (close(wfd.release()) == -1) {
442             PLOG(ERROR) << "failed to close " << blk_dev;
443             return kUncryptFileCloseError;
444         }
445     }
446 
447     if (rename(tmp_map_file.c_str(), map_file.c_str()) == -1) {
448       PLOG(ERROR) << "failed to rename " << tmp_map_file << " to " << map_file;
449       return kUncryptFileRenameError;
450     }
451     // Sync dir to make rename() result written to disk.
452     std::string dir_name = android::base::Dirname(map_file);
453     android::base::unique_fd dfd(open(dir_name.c_str(), O_RDONLY | O_DIRECTORY));
454     if (dfd == -1) {
455         PLOG(ERROR) << "failed to open dir " << dir_name;
456         return kUncryptFileOpenError;
457     }
458     if (fsync(dfd) == -1) {
459         PLOG(ERROR) << "failed to fsync " << dir_name;
460         return kUncryptFileSyncError;
461     }
462     if (close(dfd.release()) == -1) {
463         PLOG(ERROR) << "failed to close " << dir_name;
464         return kUncryptFileCloseError;
465     }
466     return 0;
467 }
468 
Uncrypt(const std::string & input_path,const std::string & map_file,int socket)469 static int Uncrypt(const std::string& input_path, const std::string& map_file, int socket) {
470   LOG(INFO) << "update package is \"" << input_path << "\"";
471 
472   // Turn the name of the file we're supposed to convert into an absolute path, so we can find what
473   // filesystem it's on.
474   std::string path;
475   if (!android::base::Realpath(input_path, &path)) {
476     PLOG(ERROR) << "Failed to convert \"" << input_path << "\" to absolute path";
477     return kUncryptRealpathFindError;
478   }
479 
480   bool encryptable = false;
481   bool encrypted = false;
482   bool f2fs_fs = false;
483   const std::string blk_dev = FindBlockDevice(path, &encryptable, &encrypted, &f2fs_fs);
484   if (blk_dev.empty()) {
485     LOG(ERROR) << "Failed to find block device for " << path;
486     return kUncryptBlockDeviceFindError;
487   }
488 
489   // If the filesystem it's on isn't encrypted, we only produce the block map, we don't rewrite the
490   // file contents (it would be pointless to do so).
491   LOG(INFO) << "encryptable: " << (encryptable ? "yes" : "no");
492   LOG(INFO) << "  encrypted: " << (encrypted ? "yes" : "no");
493 
494   // Recovery supports installing packages from 3 paths: /cache, /data, and /sdcard. (On a
495   // particular device, other locations may work, but those are three we actually expect.)
496   //
497   // On /data we want to convert the file to a block map so that we can read the package without
498   // mounting the partition. On /cache and /sdcard we leave the file alone.
499   if (android::base::StartsWith(path, "/data/")) {
500     LOG(INFO) << "writing block map " << map_file;
501     return ProductBlockMap(path, map_file, blk_dev, encrypted, f2fs_fs, socket);
502   }
503 
504   return 0;
505 }
506 
log_uncrypt_error_code(UncryptErrorCode error_code)507 static void log_uncrypt_error_code(UncryptErrorCode error_code) {
508     if (!android::base::WriteStringToFile(android::base::StringPrintf(
509             "uncrypt_error: %d\n", error_code), UNCRYPT_STATUS)) {
510         PLOG(WARNING) << "failed to write to " << UNCRYPT_STATUS;
511     }
512 }
513 
uncrypt_wrapper(const char * input_path,const char * map_file,const int socket)514 static bool uncrypt_wrapper(const char* input_path, const char* map_file, const int socket) {
515     // Initialize the uncrypt error to kUncryptErrorPlaceholder.
516     log_uncrypt_error_code(kUncryptErrorPlaceholder);
517 
518     std::string package;
519     if (input_path == nullptr) {
520       if (!FindUncryptPackage(UNCRYPT_PATH_FILE, &package)) {
521         write_status_to_socket(-1, socket);
522         // Overwrite the error message.
523         log_uncrypt_error_code(kUncryptPackageMissingError);
524         return false;
525       }
526       input_path = package.c_str();
527     }
528     CHECK(map_file != nullptr);
529 
530     auto start = std::chrono::system_clock::now();
531     int status = Uncrypt(input_path, map_file, socket);
532     std::chrono::duration<double> duration = std::chrono::system_clock::now() - start;
533     int count = static_cast<int>(duration.count());
534 
535     std::string uncrypt_message = android::base::StringPrintf("uncrypt_time: %d\n", count);
536     if (status != 0) {
537         // Log the time cost and error code if uncrypt fails.
538         uncrypt_message += android::base::StringPrintf("uncrypt_error: %d\n", status);
539         if (!android::base::WriteStringToFile(uncrypt_message, UNCRYPT_STATUS)) {
540             PLOG(WARNING) << "failed to write to " << UNCRYPT_STATUS;
541         }
542 
543         write_status_to_socket(-1, socket);
544         return false;
545     }
546 
547     if (!android::base::WriteStringToFile(uncrypt_message, UNCRYPT_STATUS)) {
548         PLOG(WARNING) << "failed to write to " << UNCRYPT_STATUS;
549     }
550 
551     write_status_to_socket(100, socket);
552 
553     return true;
554 }
555 
clear_bcb(const int socket)556 static bool clear_bcb(const int socket) {
557     std::string err;
558     if (!clear_bootloader_message(&err)) {
559         LOG(ERROR) << "failed to clear bootloader message: " << err;
560         write_status_to_socket(-1, socket);
561         return false;
562     }
563     write_status_to_socket(100, socket);
564     return true;
565 }
566 
setup_bcb(const int socket)567 static bool setup_bcb(const int socket) {
568     // c5. receive message length
569     int length;
570     if (!android::base::ReadFully(socket, &length, 4)) {
571         PLOG(ERROR) << "failed to read the length";
572         return false;
573     }
574     length = ntohl(length);
575 
576     // c7. receive message
577     std::string content;
578     content.resize(length);
579     if (!android::base::ReadFully(socket, &content[0], length)) {
580         PLOG(ERROR) << "failed to read the message";
581         return false;
582     }
583     LOG(INFO) << "  received command: [" << content << "] (" << content.size() << ")";
584     std::vector<std::string> options = android::base::Split(content, "\n");
585     std::string wipe_package;
586     for (auto& option : options) {
587         if (android::base::StartsWith(option, "--wipe_package=")) {
588             std::string path = option.substr(strlen("--wipe_package="));
589             if (!android::base::ReadFileToString(path, &wipe_package)) {
590                 PLOG(ERROR) << "failed to read " << path;
591                 return false;
592             }
593             option = android::base::StringPrintf("--wipe_package_size=%zu", wipe_package.size());
594         }
595     }
596 
597     // c8. setup the bcb command
598     std::string err;
599     if (!write_bootloader_message(options, &err)) {
600         LOG(ERROR) << "failed to set bootloader message: " << err;
601         write_status_to_socket(-1, socket);
602         return false;
603     }
604     if (!wipe_package.empty() && !write_wipe_package(wipe_package, &err)) {
605         PLOG(ERROR) << "failed to set wipe package: " << err;
606         write_status_to_socket(-1, socket);
607         return false;
608     }
609     // c10. send "100" status
610     write_status_to_socket(100, socket);
611     return true;
612 }
613 
usage(const char * exename)614 static void usage(const char* exename) {
615     fprintf(stderr, "Usage of %s:\n", exename);
616     fprintf(stderr, "%s [<package_path> <map_file>]  Uncrypt ota package.\n", exename);
617     fprintf(stderr, "%s --clear-bcb  Clear BCB data in misc partition.\n", exename);
618     fprintf(stderr, "%s --setup-bcb  Setup BCB data by command file.\n", exename);
619 }
620 
main(int argc,char ** argv)621 int main(int argc, char** argv) {
622     enum { UNCRYPT, SETUP_BCB, CLEAR_BCB, UNCRYPT_DEBUG } action;
623     const char* input_path = nullptr;
624     const char* map_file = CACHE_BLOCK_MAP.c_str();
625 
626     if (argc == 2 && strcmp(argv[1], "--clear-bcb") == 0) {
627         action = CLEAR_BCB;
628     } else if (argc == 2 && strcmp(argv[1], "--setup-bcb") == 0) {
629         action = SETUP_BCB;
630     } else if (argc == 1) {
631         action = UNCRYPT;
632     } else if (argc == 3) {
633         input_path = argv[1];
634         map_file = argv[2];
635         action = UNCRYPT_DEBUG;
636     } else {
637         usage(argv[0]);
638         return 2;
639     }
640 
641     if (!ReadDefaultFstab(&fstab)) {
642         LOG(ERROR) << "failed to read default fstab";
643         log_uncrypt_error_code(kUncryptFstabReadError);
644         return 1;
645     }
646 
647     if (action == UNCRYPT_DEBUG) {
648         LOG(INFO) << "uncrypt called in debug mode, skip socket communication";
649         bool success = uncrypt_wrapper(input_path, map_file, -1);
650         if (success) {
651             LOG(INFO) << "uncrypt succeeded";
652         } else{
653             LOG(INFO) << "uncrypt failed";
654         }
655         return success ? 0 : 1;
656     }
657 
658     // c3. The socket is created by init when starting the service. uncrypt
659     // will use the socket to communicate with its caller.
660     android::base::unique_fd service_socket(android_get_control_socket(UNCRYPT_SOCKET.c_str()));
661     if (service_socket == -1) {
662         PLOG(ERROR) << "failed to open socket \"" << UNCRYPT_SOCKET << "\"";
663         log_uncrypt_error_code(kUncryptSocketOpenError);
664         return 1;
665     }
666     fcntl(service_socket, F_SETFD, FD_CLOEXEC);
667 
668     if (listen(service_socket, 1) == -1) {
669         PLOG(ERROR) << "failed to listen on socket " << service_socket.get();
670         log_uncrypt_error_code(kUncryptSocketListenError);
671         return 1;
672     }
673 
674     android::base::unique_fd socket_fd(accept4(service_socket, nullptr, nullptr, SOCK_CLOEXEC));
675     if (socket_fd == -1) {
676         PLOG(ERROR) << "failed to accept on socket " << service_socket.get();
677         log_uncrypt_error_code(kUncryptSocketAcceptError);
678         return 1;
679     }
680 
681     bool success = false;
682     switch (action) {
683         case UNCRYPT:
684             success = uncrypt_wrapper(input_path, map_file, socket_fd);
685             break;
686         case SETUP_BCB:
687             success = setup_bcb(socket_fd);
688             break;
689         case CLEAR_BCB:
690             success = clear_bcb(socket_fd);
691             break;
692         default:  // Should never happen.
693             LOG(ERROR) << "Invalid uncrypt action code: " << action;
694             return 1;
695     }
696 
697     // c13. Read a 4-byte code from the client before uncrypt exits. This is to
698     // ensure the client to receive the last status code before the socket gets
699     // destroyed.
700     int code;
701     if (android::base::ReadFully(socket_fd, &code, 4)) {
702         LOG(INFO) << "  received " << code << ", exiting now";
703     } else {
704         PLOG(ERROR) << "failed to read the code";
705     }
706     return success ? 0 : 1;
707 }
708