1 // 2 // Copyright (C) 2012 The Android Open Source Project 3 // 4 // Licensed under the Apache License, Version 2.0 (the "License"); 5 // you may not use this file except in compliance with the License. 6 // You may obtain a copy of the License at 7 // 8 // http://www.apache.org/licenses/LICENSE-2.0 9 // 10 // Unless required by applicable law or agreed to in writing, software 11 // distributed under the License is distributed on an "AS IS" BASIS, 12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 // See the License for the specific language governing permissions and 14 // limitations under the License. 15 // 16 17 #ifndef UPDATE_ENGINE_PAYLOAD_CONSUMER_FILESYSTEM_VERIFIER_ACTION_H_ 18 #define UPDATE_ENGINE_PAYLOAD_CONSUMER_FILESYSTEM_VERIFIER_ACTION_H_ 19 20 #include <sys/stat.h> 21 #include <sys/types.h> 22 23 #include <memory> 24 #include <string> 25 #include <vector> 26 27 #include <brillo/streams/stream.h> 28 29 #include "update_engine/common/action.h" 30 #include "update_engine/common/hash_calculator.h" 31 #include "update_engine/payload_consumer/install_plan.h" 32 #include "update_engine/payload_consumer/verity_writer_interface.h" 33 34 // This action will hash all the partitions of the target slot involved in the 35 // update. The hashes are then verified against the ones in the InstallPlan. 36 // If the target hash does not match, the action will fail. In case of failure, 37 // the error code will depend on whether the source slot hashes are provided and 38 // match. 39 40 namespace chromeos_update_engine { 41 42 // The step FilesystemVerifier is on. On kVerifyTargetHash it computes the hash 43 // on the target partitions based on the already populated size and verifies it 44 // matches the one in the target_hash in the InstallPlan. 45 // If the hash matches, then we skip the kVerifySourceHash step, otherwise we 46 // need to check if the source is the root cause of the mismatch. 47 enum class VerifierStep { 48 kVerifyTargetHash, 49 kVerifySourceHash, 50 }; 51 52 class FilesystemVerifierAction : public InstallPlanAction { 53 public: 54 FilesystemVerifierAction() 55 : verity_writer_(verity_writer::CreateVerityWriter()) {} 56 ~FilesystemVerifierAction() override = default; 57 58 void PerformAction() override; 59 void TerminateProcessing() override; 60 61 // Debugging/logging 62 static std::string StaticType() { return "FilesystemVerifierAction"; } 63 std::string Type() const override { return StaticType(); } 64 65 private: 66 friend class FilesystemVerifierActionTestDelegate; 67 // Starts the hashing of the current partition. If there aren't any partitions 68 // remaining to be hashed, it finishes the action. 69 void StartPartitionHashing(); 70 71 // Schedules the asynchronous read of the filesystem. 72 void ScheduleRead(); 73 74 // Called from the main loop when a single read from |src_stream_| succeeds or 75 // fails, calling OnReadDoneCallback() and OnReadErrorCallback() respectively. 76 void OnReadDoneCallback(size_t bytes_read); 77 void OnReadErrorCallback(const brillo::Error* error); 78 79 // When the read is done, finalize the hash checking of the current partition 80 // and continue checking the next one. 81 void FinishPartitionHashing(); 82 83 // Cleans up all the variables we use for async operations and tells the 84 // ActionProcessor we're done w/ |code| as passed in. |cancelled_| should be 85 // true if TerminateProcessing() was called. 86 void Cleanup(ErrorCode code); 87 88 // The type of the partition that we are verifying. 89 VerifierStep verifier_step_ = VerifierStep::kVerifyTargetHash; 90 91 // The index in the install_plan_.partitions vector of the partition currently 92 // being hashed. 93 size_t partition_index_{0}; 94 95 // If not null, the FileStream used to read from the device. 96 brillo::StreamPtr src_stream_; 97 98 // Buffer for storing data we read. 99 brillo::Blob buffer_; 100 101 bool cancelled_{false}; // true if the action has been cancelled. 102 103 // The install plan we're passed in via the input pipe. 104 InstallPlan install_plan_; 105 106 // Calculates the hash of the data. 107 std::unique_ptr<HashCalculator> hasher_; 108 109 // Write verity data of the current partition. 110 std::unique_ptr<VerityWriterInterface> verity_writer_; 111 112 // Reads and hashes this many bytes from the head of the input stream. When 113 // the partition starts to be hashed, this field is initialized from the 114 // corresponding InstallPlan::Partition size which is the total size 115 // update_engine is expected to write, and may be smaller than the size of the 116 // partition in gpt. 117 uint64_t partition_size_{0}; 118 119 // The byte offset that we are reading in the current partition. 120 uint64_t offset_{0}; 121 122 DISALLOW_COPY_AND_ASSIGN(FilesystemVerifierAction); 123 }; 124 125 } // namespace chromeos_update_engine 126 127 #endif // UPDATE_ENGINE_PAYLOAD_CONSUMER_FILESYSTEM_VERIFIER_ACTION_H_ 128