paycheck: Properly infer usable target partition size.
The payload checker used to restrict read/write block indexes to the
reported target filesystem size, unless explicitly given a partition
size value to use instead. So far this value was easy for clients (like
paygen) to come up with, because it was constant at 2GB for all known
boards. However this is no longer the case, and there is no an easy way
for clients to know the actual target partition size after the payload
has been generated (nor is it encoded in the payload). This adds logic
for inferring the usable target partition size into PayloadChecker()
itself, as follows:
1) If a partition size was given, use that.
2) Else, if this is an old delta (minor version < 2), use the
aforementioned default. This is necessary because older deltas may
actually read/write data beyond the filesystem size. It is also
sufficient because any old delta payload we generate should write to
a 2GB target partition.
3) In all other cases, just use the new filesystem size, as encoded in
the payload. This is a safe choice for full updates and newer deltas.
The command-line tool is updated accordingly. Note that the usable
kernel partition size inference remains unaffected.
BUG=chromium:508566
TEST=Unit tests (revised)
Change-Id: I987f28fdfe1d82d0f6f565ae9852b7b11bce13e8
Reviewed-on: https://chromium-review.googlesource.com/285447
Reviewed-by: Gilad Arnold <garnold@chromium.org>
Tested-by: Gilad Arnold <garnold@chromium.org>
Commit-Queue: Gilad Arnold <garnold@chromium.org>
diff --git a/scripts/update_payload/checker.py b/scripts/update_payload/checker.py
index 5428f66..47461af 100644
--- a/scripts/update_payload/checker.py
+++ b/scripts/update_payload/checker.py
@@ -57,6 +57,8 @@
2: (_TYPE_DELTA,),
}
+_OLD_DELTA_USABLE_PART_SIZE = 2 * 1024 * 1024 * 1024
+
#
# Helper functions.
#
@@ -1152,8 +1154,8 @@
Args:
pubkey_file_name: Public key used for signature verification.
metadata_sig_file: Metadata signature, if verification is desired.
- rootfs_part_size: The size of rootfs partitions in bytes (default: use
- reported filesystem size).
+ rootfs_part_size: The size of rootfs partitions in bytes (default: infer
+ based on payload type and version).
kernel_part_size: The size of kernel partitions in bytes (default: use
reported filesystem size).
report_out_file: File object to dump the report to.
@@ -1192,6 +1194,18 @@
self._CheckManifest(report, rootfs_part_size, kernel_part_size)
assert self.payload_type, 'payload type should be known by now'
+ # Infer the usable partition size when validating rootfs operations:
+ # - If rootfs partition size was provided, use that.
+ # - Otherwise, if this is an older delta (minor version < 2), stick with
+ # a known constant size. This is necessary because older deltas may
+ # exceed the filesystem size when moving data blocks around.
+ # - Otherwise, use the encoded filesystem size.
+ new_rootfs_usable_size = self.new_rootfs_fs_size
+ if rootfs_part_size:
+ new_rootfs_usable_size = rootfs_part_size
+ elif self.payload_type == _TYPE_DELTA and self.minor_version in (None, 1):
+ new_rootfs_usable_size = _OLD_DELTA_USABLE_PART_SIZE
+
# Part 3: Examine rootfs operations.
# TODO(garnold)(chromium:243559) only default to the filesystem size if
# no explicit size provided *and* the partition size is not embedded in
@@ -1200,9 +1214,7 @@
total_blob_size = self._CheckOperations(
self.payload.manifest.install_operations, report,
'install_operations', self.old_rootfs_fs_size,
- self.new_rootfs_fs_size,
- rootfs_part_size if rootfs_part_size else self.new_rootfs_fs_size,
- 0, False)
+ self.new_rootfs_fs_size, new_rootfs_usable_size, 0, False)
# Part 4: Examine kernel operations.
# TODO(garnold)(chromium:243559) as above.