Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / update_engine / a26432a8fe5981ca1bb41cb6aacddfc3765666ac
commita26432a8fe5981ca1bb41cb6aacddfc3765666ac[log] [tgz]
authorAlex Deymo <deymo@chromium.org>Thu Mar 12 16:08:04 2015 -0700
committerChromeOS Commit Bot <chromeos-commit-bot@chromium.org>Sat Mar 14 06:59:33 2015 +0000
tree984398d04b7067443b4c9cb1fdea7a93362e57fd
parent6ded6548c4d3606923d606981dd29f224bcfc723 [diff]
update_engine: Use the rootfs size specified by verity.

When using rootfs verification and generating a payload, it is important
to generate a payload that writes all the blocks verity expects to hash
in the hash tree, even if those blocks are never used by the filesystem.

When using squashfs, the filesystem is padded with zeros up to the
fs_size provided in the disk_layout.json, which is used as the size
of the dm-verity device. Because of this, it is important to always
generate a payload that writes all that.

This patch parses the kernel using vboot_host tools and updates the
rootfs_size value with the one specified to verity in the kernel
command line. When no verity options are found or the kernel is not
provided (as in the case of a full kernel update in a delta payload)
only the filesystem part is considered for the rootfs_size. This
means that the extra zeros in the source rootfs won't be used for
the delta payload when generating a full kernel payload, and also
means that the zeros after the squashfs won't be written when
generating the new rootfs with rootfs verification disabled.

BUG=chromium:463783
TEST=FEATURES=test emerge-link update_engine
TEST=Ran delta_generator with invalind kernels (in full and delta mode).
TEST=Ran cros_generate_update_payload with real images with both
squashfs and ext2.

Change-Id: Id151063722a20d27c50724f6b27f774a3436e3ea
Reviewed-on: https://chromium-review.googlesource.com/259839
Reviewed-by: Alex Vakulenko <avakulenko@chromium.org>
Commit-Queue: Alex Deymo <deymo@chromium.org>
Trybot-Ready: Alex Deymo <deymo@chromium.org>
Tested-by: Alex Deymo <deymo@chromium.org>
Reviewed-by: Don Garrett <dgarrett@chromium.org>
7 files changed
tree: 984398d04b7067443b4c9cb1fdea7a93362e57fd
  1. dbus_bindings/
  2. init/
  3. payload_generator/
  4. update_manager/
  5. .gitignore
  6. action.h
  7. action_pipe.h
  8. action_pipe_unittest.cc
  9. action_processor.cc
  10. action_processor.h
  11. action_processor_unittest.cc
  12. action_unittest.cc
  13. bzip.cc
  14. bzip.h
  15. bzip_extent_writer.cc
  16. bzip_extent_writer.h
  17. bzip_extent_writer_unittest.cc
  18. certificate_checker.cc
  19. certificate_checker.h
  20. certificate_checker_unittest.cc
  21. chrome_browser_proxy_resolver.cc
  22. chrome_browser_proxy_resolver.h
  23. chrome_browser_proxy_resolver_unittest.cc
  24. clock.cc
  25. clock.h
  26. clock_interface.h
  27. connection_manager.cc
  28. connection_manager.h
  29. connection_manager_unittest.cc
  30. constants.cc
  31. constants.h
  32. dbus_constants.h
  33. dbus_service.cc
  34. dbus_service.h
  35. dbus_wrapper_interface.h
  36. delta_performer.cc
  37. delta_performer.h
  38. delta_performer_unittest.cc
  39. download_action.cc
  40. download_action.h
  41. download_action_unittest.cc
  42. error_code.h
  43. extent_ranges.cc
  44. extent_ranges.h
  45. extent_ranges_unittest.cc
  46. extent_writer.cc
  47. extent_writer.h
  48. extent_writer_unittest.cc
  49. fake_clock.h
  50. fake_file_writer.h
  51. fake_hardware.h
  52. fake_p2p_manager.h
  53. fake_p2p_manager_configuration.h
  54. fake_prefs.cc
  55. fake_prefs.h
  56. fake_system_state.cc
  57. fake_system_state.h
  58. file_descriptor.cc
  59. file_descriptor.h
  60. file_writer.cc
  61. file_writer.h
  62. file_writer_unittest.cc
  63. filesystem_copier_action.cc
  64. filesystem_copier_action.h
  65. filesystem_copier_action_unittest.cc
  66. glib_utils.cc
  67. glib_utils.h
  68. hardware.cc
  69. hardware.h
  70. hardware_interface.h
  71. http_common.cc
  72. http_common.h
  73. http_fetcher.cc
  74. http_fetcher.h
  75. http_fetcher_unittest.cc
  76. hwid_override.cc
  77. hwid_override.h
  78. hwid_override_unittest.cc
  79. install_plan.cc
  80. install_plan.h
  81. libcurl_http_fetcher.cc
  82. libcurl_http_fetcher.h
  83. local_coverage_rate
  84. main.cc
  85. metrics.cc
  86. metrics.h
  87. mock_action.h
  88. mock_action_processor.h
  89. mock_certificate_checker.h
  90. mock_connection_manager.h
  91. mock_dbus_wrapper.h
  92. mock_file_writer.h
  93. mock_hardware.h
  94. mock_http_fetcher.cc
  95. mock_http_fetcher.h
  96. mock_omaha_request_params.h
  97. mock_p2p_manager.h
  98. mock_payload_state.h
  99. mock_prefs.h
  100. mock_update_attempter.h
  101. mtd_file_descriptor.cc
  102. mtd_file_descriptor.h
  103. multi_range_http_fetcher.cc
  104. multi_range_http_fetcher.h
  105. omaha_hash_calculator.cc
  106. omaha_hash_calculator.h
  107. omaha_hash_calculator_unittest.cc
  108. omaha_request_action.cc
  109. omaha_request_action.h
  110. omaha_request_action_unittest.cc
  111. omaha_request_params.cc
  112. omaha_request_params.h
  113. omaha_request_params_unittest.cc
  114. omaha_response.h
  115. omaha_response_handler_action.cc
  116. omaha_response_handler_action.h
  117. omaha_response_handler_action_unittest.cc
  118. OWNERS
  119. p2p_manager.cc
  120. p2p_manager.h
  121. p2p_manager_unittest.cc
  122. payload_constants.cc
  123. payload_constants.h
  124. payload_state.cc
  125. payload_state.h
  126. payload_state_interface.h
  127. payload_state_unittest.cc
  128. payload_verifier.cc
  129. payload_verifier.h
  130. postinstall_runner_action.cc
  131. postinstall_runner_action.h
  132. postinstall_runner_action_unittest.cc
  133. prefs.cc
  134. prefs.h
  135. prefs_interface.h
  136. prefs_unittest.cc
  137. proxy_resolver.cc
  138. proxy_resolver.h
  139. real_dbus_wrapper.h
  140. real_system_state.cc
  141. real_system_state.h
  142. run_unittests
  143. sample_omaha_v3_response.xml
  144. subprocess.cc
  145. subprocess.h
  146. subprocess_unittest.cc
  147. system_state.h
  148. terminator.cc
  149. terminator.h
  150. terminator_unittest.cc
  151. test_http_server.cc
  152. test_utils.cc
  153. test_utils.h
  154. test_utils_unittest.cc
  155. testrunner.cc
  156. unittest_key.pem
  157. unittest_key2.pem
  158. update_attempter.cc
  159. update_attempter.h
  160. update_attempter_unittest.cc
  161. update_engine.conf
  162. update_engine.gyp
  163. update_engine_client.cc
  164. update_metadata.proto
  165. UpdateEngine.conf
  166. utils.cc
  167. utils.h
  168. utils_unittest.cc
  169. WATCHLISTS
  170. zip_unittest.cc