Changed EncodeFEC to compute in incremental steps allowing OTA to be
paused during verity writes.
Test: tested incremental OTA on cuttlefish devices.
Bug: 243594791
Change-Id: I55179ab06fd22f10b246449e841d9b40204c6aaf
diff --git a/payload_consumer/cached_file_descriptor.cc b/payload_consumer/cached_file_descriptor.cc
index aa0dbcd..ea56b8b 100644
--- a/payload_consumer/cached_file_descriptor.cc
+++ b/payload_consumer/cached_file_descriptor.cc
@@ -96,4 +96,7 @@
return true;
}
+void UnownedCachedFileDescriptor::SetFD(FileDescriptor* fd) {
+ fd_ = fd;
+}
} // namespace chromeos_update_engine
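Review bot: `SetFD` swaps the wrapped descriptor and leaves the cache held by `CachedFileDescriptorBase` as it is, so any bytes still buffered for the previous descriptor would, as far as this hunk shows, be flushed to the new one. That matters for the caller in verity_writer_android.cc, where a run that fails before its `Flush()` can leave data behind for the next `SetFD`. The declaration in cached_file_descriptor.h only says `// used for EnocdeFEC`; I would replace it with `// Replaces the wrapped descriptor. Cached bytes are neither flushed nor dropped, so call Flush() before switching.`, or have `SetFD` flush before assigning. The cache internals are outside this diff, so confirm the buffering behaviour first.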
diff --git a/payload_consumer/cached_file_descriptor.h b/payload_consumer/cached_file_descriptor.h
index 1193455..a428d80 100644
--- a/payload_consumer/cached_file_descriptor.h
+++ b/payload_consumer/cached_file_descriptor.h
@@ -31,7 +31,7 @@
class CachedFileDescriptorBase : public FileDescriptor {
public:
- CachedFileDescriptorBase(size_t cache_size) : cache_(cache_size) {}
+ explicit CachedFileDescriptorBase(size_t cache_size) : cache_(cache_size) {}
~CachedFileDescriptorBase() override = default;
bool Open(const char* path, int flags, mode_t mode) override {
@@ -85,6 +85,8 @@
public:
UnownedCachedFileDescriptor(FileDescriptor* fd, size_t cache_size)
: CachedFileDescriptorBase(cache_size), fd_(fd) {}
+ // used for EnocdeFEC
+ void SetFD(FileDescriptor* fd);
protected:
virtual FileDescriptor* GetFd() { return fd_; }
diff --git a/payload_consumer/filesystem_verifier_action.cc b/payload_consumer/filesystem_verifier_action.cc
index 3bb8e27..1a6e421 100644
--- a/payload_consumer/filesystem_verifier_action.cc
+++ b/payload_consumer/filesystem_verifier_action.cc
@@ -24,6 +24,7 @@
#include <algorithm>
#include <cstdlib>
+#include <functional>
#include <memory>
#include <numeric>
#include <string>
@@ -207,6 +208,35 @@
return true;
}
+void FilesystemVerifierAction::WriteVerityData(FileDescriptor* fd,
+ void* buffer,
+ const size_t buffer_size) {
+ if (verity_writer_->FECFinished()) {
+ LOG(INFO) << "EncodeFEC is completed. Resuming other tasks";
+ if (dynamic_control_->UpdateUsesSnapshotCompression()) {
+ // Spin up snapuserd to read fs.
+ if (!InitializeFdVABC(false)) {
+ LOG(ERROR) << "Failed to map all partitions";
+ Cleanup(ErrorCode::kFilesystemVerifierError);
+ return;
+ }
+ }
+ HashPartition(0, partition_size_, buffer, buffer_size);
+ return;
+ }
+ if (!verity_writer_->IncrementalFinalize(fd, fd)) {
+ LOG(ERROR) << "Failed to write verity data";
+ Cleanup(ErrorCode::kVerityCalculationError);
+ }
+ CHECK(pending_task_id_.PostTask(
+ FROM_HERE,
+ base::BindOnce(&FilesystemVerifierAction::WriteVerityData,
+ base::Unretained(this),
+ fd,
+ buffer,
+ buffer_size)));
+}
+
void FilesystemVerifierAction::WriteVerityAndHashPartition(
const off64_t start_offset,
const off64_t end_offset,
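Review bot: The failure branch after `IncrementalFinalize` calls `Cleanup(ErrorCode::kVerityCalculationError)` but does not return, so execution falls through to `PostTask` and the step is scheduled again after cleanup. The code this replaces returned right after `Cleanup`, and the `InitializeFdVABC` branch above still does; add `return;` after the `Cleanup(...)` call. Without it the re-posted task keeps using the raw `fd` and `buffer` pointers bound into the callback, which `Cleanup` may already have released (not visible here). `WriteVerityAndHashPartition`, which starts at the end of this hunk, continues outside it.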
@@ -218,20 +248,7 @@
LOG_IF(WARNING, start_offset > end_offset)
<< "start_offset is greater than end_offset : " << start_offset << " > "
<< end_offset;
- if (!verity_writer_->Finalize(fd, fd)) {
- LOG(ERROR) << "Failed to write verity data";
- Cleanup(ErrorCode::kVerityCalculationError);
- return;
- }
- if (dynamic_control_->UpdateUsesSnapshotCompression()) {
- // Spin up snapuserd to read fs.
- if (!InitializeFdVABC(false)) {
- LOG(ERROR) << "Failed to map all partitions";
- Cleanup(ErrorCode::kFilesystemVerifierError);
- return;
- }
- }
- HashPartition(0, partition_size_, buffer, buffer_size);
+ WriteVerityData(fd, buffer, buffer_size);
return;
}
const auto cur_offset = fd->Seek(start_offset, SEEK_SET);
diff --git a/payload_consumer/filesystem_verifier_action.h b/payload_consumer/filesystem_verifier_action.h
index dd48eff..5bc44b1 100644
--- a/payload_consumer/filesystem_verifier_action.h
+++ b/payload_consumer/filesystem_verifier_action.h
@@ -86,6 +86,10 @@
private:
friend class FilesystemVerifierActionTestDelegate;
+ // Wrapper function that schedules calls of EncodeFEC. Returns true on success
+ void WriteVerityData(FileDescriptor* fd,
+ void* buffer,
+ const size_t buffer_size);
void WriteVerityAndHashPartition(const off64_t start_offset,
const off64_t end_offset,
void* buffer,
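Review bot: The comment on `WriteVerityData` says "Returns true on success", but the function is declared `void` and reports failure through `Cleanup()` in the .cc file. It also does not say that the function re-posts itself until the writer is done. Suggested wording: `// Runs one step of the verity write and re-posts itself until verity_writer_->FECFinished(); then hashes the partition. Errors are reported through Cleanup().`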
diff --git a/payload_consumer/verity_writer_android.cc b/payload_consumer/verity_writer_android.cc
index 91efa3e..479231d 100644
--- a/payload_consumer/verity_writer_android.cc
+++ b/payload_consumer/verity_writer_android.cc
@@ -20,6 +20,7 @@
#include <algorithm>
#include <memory>
+#include <utility>
#include <base/logging.h>
#include <base/posix/eintr_wrapper.h>
@@ -34,6 +35,121 @@
namespace chromeos_update_engine {
+bool IncrementalEncodeFEC::Init(const uint64_t _data_offset,
+ const uint64_t _data_size,
+ const uint64_t _fec_offset,
+ const uint64_t _fec_size,
+ const uint64_t _fec_roots,
+ const uint64_t _block_size,
+ const bool _verify_mode) {
+ current_step_ = EncodeFECStep::kInitFDStep;
+ data_offset_ = _data_offset;
+ data_size_ = _data_size;
+ fec_offset_ = _fec_offset;
+ fec_size_ = _fec_size;
+ fec_roots_ = _fec_roots;
+ block_size_ = _block_size;
+ verify_mode_ = _verify_mode;
+ current_round_ = 0;
+ // This is the N in RS(M, N), which is the number of bytes for each rs block.
+ rs_n_ = FEC_RSM - fec_roots_;
+ rs_char_.reset(init_rs_char(FEC_PARAMS(fec_roots_)));
+ rs_blocks_.resize(block_size_ * rs_n_);
+ buffer_.resize(block_size_, 0);
+ fec_.resize(block_size_ * fec_roots_);
+ fec_read_.resize(fec_.size());
+ TEST_AND_RETURN_FALSE(data_size_ % block_size_ == 0);
+ TEST_AND_RETURN_FALSE(fec_roots_ >= 0 && fec_roots_ < FEC_RSM);
+
+ num_rounds_ = utils::DivRoundUp(data_size_ / block_size_, rs_n_);
+ TEST_AND_RETURN_FALSE(num_rounds_ * fec_roots_ * block_size_ == fec_size_);
+ TEST_AND_RETURN_FALSE(rs_char_ != nullptr);
+ return true;
+}
+
+bool IncrementalEncodeFEC::Compute(FileDescriptor* _read_fd,
+ FileDescriptor* _write_fd) {
+ if (current_step_ == EncodeFECStep::kInitFDStep) {
+ read_fd_ = _read_fd;
+ write_fd_ = _write_fd;
+ cache_fd_.SetFD(write_fd_);
+ write_fd_ = &cache_fd_;
+ } else if (current_step_ == EncodeFECStep::kEncodeRoundStep) {
+ // Encodes |block_size| number of rs blocks each round so that we can read
+ // one block each time instead of 1 byte to increase random read
+ // performance. This uses about 1 MiB memory for 4K block size.
+ for (size_t j = 0; j < rs_n_; j++) {
+ uint64_t offset = fec_ecc_interleave(
+ current_round_ * rs_n_ * block_size_ + j, rs_n_, num_rounds_);
+ // Don't read past |data_size|, treat them as 0.
+ if (offset >= data_size_) {
+ std::fill(buffer_.begin(), buffer_.end(), 0);
+ } else {
+ ssize_t bytes_read = 0;
+ TEST_AND_RETURN_FALSE(utils::PReadAll(read_fd_,
+ buffer_.data(),
+ buffer_.size(),
+ data_offset_ + offset,
+ &bytes_read));
+ TEST_AND_RETURN_FALSE(bytes_read >= 0);
+ TEST_AND_RETURN_FALSE(static_cast<size_t>(bytes_read) ==
+ buffer_.size());
+ }
+ for (size_t k = 0; k < buffer_.size(); k++) {
+ rs_blocks_[k * rs_n_ + j] = buffer_[k];
+ }
+ }
+ for (size_t j = 0; j < block_size_; j++) {
+ // Encode [j * rs_n_ : (j + 1) * rs_n_) in |rs_blocks| and write
+ // |fec_roots| number of parity bytes to |j * fec_roots| in |fec|.
+ encode_rs_char(rs_char_.get(),
+ rs_blocks_.data() + j * rs_n_,
+ fec_.data() + j * fec_roots_);
+ }
+
+ if (verify_mode_) {
+ ssize_t bytes_read = 0;
+ TEST_AND_RETURN_FALSE(utils::PReadAll(read_fd_,
+ fec_read_.data(),
+ fec_read_.size(),
+ fec_offset_,
+ &bytes_read));
+ TEST_AND_RETURN_FALSE(bytes_read >= 0);
+ TEST_AND_RETURN_FALSE(static_cast<size_t>(bytes_read) ==
+ fec_read_.size());
+ TEST_AND_RETURN_FALSE(fec_ == fec_read_);
+ } else {
+ CHECK(write_fd_);
+ write_fd_->Seek(fec_offset_, SEEK_SET);
+ if (!utils::WriteAll(write_fd_, fec_.data(), fec_.size())) {
+ PLOG(ERROR) << "EncodeFEC write() failed";
+ return false;
+ }
+ }
+ fec_offset_ += fec_.size();
+ current_round_++;
+ } else if (current_step_ == EncodeFECStep::kWriteStep) {
+ write_fd_->Flush();
+ }
+ UpdateState();
+ return true;
+}
+// update the current state of EncodeFEC. Can be changed to have smaller steps
+void IncrementalEncodeFEC::UpdateState() {
+ if (current_step_ == EncodeFECStep::kInitFDStep) {
+ current_step_ = EncodeFECStep::kEncodeRoundStep;
+ } else if (current_step_ == EncodeFECStep::kEncodeRoundStep &&
+ current_round_ == num_rounds_) {
+ current_step_ = EncodeFECStep::kWriteStep;
+ } else if (current_step_ == EncodeFECStep::kWriteStep) {
+ current_step_ = EncodeFECStep::kComplete;
+ }
+}
+
+bool IncrementalEncodeFEC::Finished() const {
+ return current_step_ == EncodeFECStep::kComplete;
+}
+
namespace verity_writer {
std::unique_ptr<VerityWriterInterface> CreateVerityWriter() {
return std::make_unique<VerityWriterAndroid>();
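Review bot: `Init` derives sizes from its arguments before validating them: `rs_n_ = FEC_RSM - fec_roots_` and `rs_blocks_.resize(block_size_ * rs_n_)` run ahead of the range check, so a `fec_roots_` at or above `FEC_RSM` wraps `rs_n_` and the resize runs with that wrapped value before `Init` can fail. `fec_roots_ >= 0` is always true for a `uint64_t`, and `data_size_ % block_size_` divides by zero when `block_size_` is 0. These values come from the install plan, so I would validate first and allocate afterwards, as below. Separately, in `Compute` the results of `write_fd_->Seek(...)` and `write_fd_->Flush()` are dropped, so a failed flush in `kWriteStep` still advances to `kComplete`.

```cpp
  // … unchanged: member assignments from the arguments, current_round_ = 0 …
  // Validate before any size is derived from the arguments.
  TEST_AND_RETURN_FALSE(block_size_ != 0);
  TEST_AND_RETURN_FALSE(data_size_ % block_size_ == 0);
  TEST_AND_RETURN_FALSE(fec_roots_ < FEC_RSM);
  // This is the N in RS(M, N), which is the number of bytes for each rs block.
  rs_n_ = FEC_RSM - fec_roots_;
  num_rounds_ = utils::DivRoundUp(data_size_ / block_size_, rs_n_);
  TEST_AND_RETURN_FALSE(num_rounds_ * fec_roots_ * block_size_ == fec_size_);
  rs_char_.reset(init_rs_char(FEC_PARAMS(fec_roots_)));
  TEST_AND_RETURN_FALSE(rs_char_ != nullptr);
  rs_blocks_.resize(block_size_ * rs_n_);
  // … unchanged: buffer_, fec_, fec_read_ resizes; return true …
```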
@@ -42,7 +158,15 @@
bool VerityWriterAndroid::Init(const InstallPlan::Partition& partition) {
partition_ = &partition;
-
+ LOG(INFO) << "Initializing Incremental EncodeFEC";
+ TEST_AND_RETURN_FALSE(encodeFEC_.Init(partition_->fec_data_offset,
+ partition_->fec_data_size,
+ partition_->fec_offset,
+ partition_->fec_size,
+ partition_->fec_roots,
+ partition_->block_size,
+ false /* verify_mode */));
+ hash_tree_written_ = false;
if (partition_->hash_tree_size != 0) {
auto hash_function =
HashTreeBuilder::HashFunction(partition_->hash_tree_algorithm);
@@ -103,7 +227,6 @@
return true;
}
-
bool VerityWriterAndroid::Finalize(FileDescriptor* read_fd,
FileDescriptor* write_fd) {
const auto hash_tree_data_end =
@@ -145,6 +268,50 @@
return true;
}
+bool VerityWriterAndroid::IncrementalFinalize(FileDescriptor* read_fd,
+ FileDescriptor* write_fd) {
+ if (!hash_tree_written_) {
+ LOG(INFO) << "Completing prework in Finalize";
+ const auto hash_tree_data_end =
+ partition_->hash_tree_data_offset + partition_->hash_tree_data_size;
+ if (total_offset_ < hash_tree_data_end) {
+ LOG(ERROR) << "Read up to " << total_offset_
+ << " when we are expecting to read everything "
+ "before "
+ << hash_tree_data_end;
+ return false;
+ }
+ // All hash tree data blocks has been hashed, write hash tree to disk.
+ LOG(INFO) << "Writing verity hash tree to "
+ << partition_->readonly_target_path;
+ if (hash_tree_builder_) {
+ TEST_AND_RETURN_FALSE(hash_tree_builder_->BuildHashTree());
+ TEST_AND_RETURN_FALSE_ERRNO(
+ write_fd->Seek(partition_->hash_tree_offset, SEEK_SET));
+ auto success =
+ hash_tree_builder_->WriteHashTree([write_fd](auto data, auto size) {
+ return utils::WriteAll(write_fd, data, size);
+ });
+ // hashtree builder already prints error messages.
+ TEST_AND_RETURN_FALSE(success);
+ hash_tree_builder_.reset();
+ }
+ hash_tree_written_ = true;
+ if (partition_->fec_size != 0) {
+ LOG(INFO) << "Writing verity FEC to " << partition_->readonly_target_path;
+ }
+ }
+ if (partition_->fec_size != 0) {
+ TEST_AND_RETURN_FALSE(encodeFEC_.Compute(read_fd, write_fd));
+ }
+ return true;
+}
+bool VerityWriterAndroid::FECFinished() const {
+ if (encodeFEC_.Finished()) {
+ return true;
+ }
+ return false;
+}
bool VerityWriterAndroid::EncodeFEC(FileDescriptor* read_fd,
FileDescriptor* write_fd,
uint64_t data_offset,
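Review bot: `FECFinished()` only looks at `encodeFEC_.Finished()`, but `IncrementalFinalize` calls `encodeFEC_.Compute` only when `partition_->fec_size != 0`, so for a partition with a hash tree and no FEC the step never leaves `kInitFDStep` and `FECFinished()` stays false. Both callers in this change loop on it: `WriteVerityData` in filesystem_verifier_action.cc re-posts itself, and the default `Finalize` in verity_writer_interface.h spins in `while (!FECFinished())`. I would make the predicate cover both phases, `return hash_tree_written_ && (partition_->fec_size == 0 || encodeFEC_.Finished());`. `EncodeFEC`, which begins at the end of this hunk, continues outside it.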
@@ -156,7 +323,8 @@
bool verify_mode) {
TEST_AND_RETURN_FALSE(data_size % block_size == 0);
TEST_AND_RETURN_FALSE(fec_roots >= 0 && fec_roots < FEC_RSM);
- // This is the N in RS(M, N), which is the number of bytes for each rs block.
+ // This is the N in RS(M, N), which is the number of bytes for each rs
+ // block.
size_t rs_n = FEC_RSM - fec_roots;
uint64_t rounds = utils::DivRoundUp(data_size / block_size, rs_n);
TEST_AND_RETURN_FALSE(rounds * fec_roots * block_size == fec_size);
@@ -196,8 +364,8 @@
}
brillo::Blob fec(block_size * fec_roots);
for (size_t j = 0; j < block_size; j++) {
- // Encode [j * rs_n : (j + 1) * rs_n) in |rs_blocks| and write |fec_roots|
- // number of parity bytes to |j * fec_roots| in |fec|.
+ // Encode [j * rs_n : (j + 1) * rs_n) in |rs_blocks| and write
+ // |fec_roots| number of parity bytes to |j * fec_roots| in |fec|.
encode_rs_char(rs_char.get(),
rs_blocks.data() + j * rs_n,
fec.data() + j * fec_roots);
diff --git a/payload_consumer/verity_writer_android.h b/payload_consumer/verity_writer_android.h
index a6a4920..0d48803 100644
--- a/payload_consumer/verity_writer_android.h
+++ b/payload_consumer/verity_writer_android.h
@@ -21,11 +21,62 @@
#include <string>
#include <verity/hash_tree_builder.h>
+#include <base/logging.h>
+#include <base/posix/eintr_wrapper.h>
+#include <fec/ecc.h>
+extern "C" {
+#include <fec.h>
+}
#include "payload_consumer/file_descriptor.h"
+#include "update_engine/payload_consumer/cached_file_descriptor.h"
#include "update_engine/payload_consumer/verity_writer_interface.h"
namespace chromeos_update_engine {
+enum class EncodeFECStep {
+ kInitFDStep,
+ kEncodeRoundStep,
+ kWriteStep,
+ kComplete
+};
+class IncrementalEncodeFEC {
+ public:
+ IncrementalEncodeFEC()
+ : rs_char_(nullptr, &free_rs_char), cache_fd_(nullptr, 1 * (1 << 20)) {}
+ // Initialize all member variables needed to performe FEC Computation
+ bool Init(const uint64_t _data_offset,
+ const uint64_t _data_size,
+ const uint64_t _fec_offset,
+ const uint64_t _fec_size,
+ const uint64_t _fec_roots,
+ const uint64_t _block_size,
+ const bool _verify_mode);
+ bool Compute(FileDescriptor* _read_fd, FileDescriptor* _write_fd);
+ void UpdateState();
+ bool Finished() const;
+ void Reset();
+
+ private:
+ brillo::Blob rs_blocks_;
+ brillo::Blob buffer_;
+ brillo::Blob fec_;
+ brillo::Blob fec_read_;
+ EncodeFECStep current_step_;
+ size_t current_round_;
+ size_t num_rounds_;
+ FileDescriptor* read_fd_;
+ FileDescriptor* write_fd_;
+ uint64_t data_offset_;
+ uint64_t data_size_;
+ uint64_t fec_offset_;
+ uint64_t fec_size_;
+ uint64_t fec_roots_;
+ uint64_t block_size_;
+ size_t rs_n_;
+ bool verify_mode_;
+ std::unique_ptr<void, decltype(&free_rs_char)> rs_char_;
+ UnownedCachedFileDescriptor cache_fd_;
+};
class VerityWriterAndroid : public VerityWriterInterface {
public:
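Review bot: `IncrementalEncodeFEC` leaves `current_step_`, `read_fd_`, `write_fd_` and the counters without initial values, so `Finished()` reads an indeterminate `current_step_` if it is called before `Init`. Default member initializers would close that, for example `EncodeFECStep current_step_{EncodeFECStep::kInitFDStep};` and `FileDescriptor* read_fd_{nullptr};`. `Reset()` is declared here but no definition appears in the verity_writer_android.cc hunk, and `UpdateState()` is public although only `Compute` calls it in this diff; define or drop the former, and consider making the latter private. The class also has no comment on the step order (`kInitFDStep`, one `kEncodeRoundStep` per round, `kWriteStep`, `kComplete`), which a reader needs in order to drive `Compute` correctly.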
@@ -35,7 +86,10 @@
bool Init(const InstallPlan::Partition& partition);
bool Update(uint64_t offset, const uint8_t* buffer, size_t size) override;
bool Finalize(FileDescriptor* read_fd, FileDescriptor* write_fd) override;
+ bool IncrementalFinalize(FileDescriptor* read_fd,
+ FileDescriptor* write_fd) override;
+ bool FECFinished() const override;
// Read [data_offset : data_offset + data_size) from |path| and encode FEC
// data, if |verify_mode|, then compare the encoded FEC with the one in
// |path|, otherwise write the encoded FEC to |path|. We can't encode as we go
@@ -61,6 +115,9 @@
bool verify_mode);
private:
+ // stores the state of EncodeFEC
+ IncrementalEncodeFEC encodeFEC_;
+ bool hash_tree_written_ = false;
const InstallPlan::Partition* partition_ = nullptr;
std::unique_ptr<HashTreeBuilder> hash_tree_builder_;
diff --git a/payload_consumer/verity_writer_interface.h b/payload_consumer/verity_writer_interface.h
index 432ede7..8b4f080 100644
--- a/payload_consumer/verity_writer_interface.h
+++ b/payload_consumer/verity_writer_interface.h
@@ -22,6 +22,7 @@
#include <base/macros.h>
+#include "common/utils.h"
#include "payload_consumer/file_descriptor.h"
#include "update_engine/payload_consumer/install_plan.h"
@@ -38,8 +39,21 @@
// blocks has passed.
virtual bool Update(uint64_t offset, const uint8_t* buffer, size_t size) = 0;
+ // Deprecated function -> use IncrementalFinalize to allow verity writes to be
+ // interrupted. left for backwards compatibility
+ virtual bool Finalize(FileDescriptor* read_fd, FileDescriptor* write_fd) {
+ while (!FECFinished()) {
+ TEST_AND_RETURN_FALSE(IncrementalFinalize(read_fd, write_fd));
+ }
+ return true;
+ }
+
// Write hash tree && FEC data to underlying fd, if they are present
- virtual bool Finalize(FileDescriptor* read_fd, FileDescriptor* write_fd) = 0;
+ virtual bool IncrementalFinalize(FileDescriptor* read_fd,
+ FileDescriptor* write_fd) = 0;
+
+ // Returns true once FEC data is finished writing
+ virtual bool FECFinished() const = 0;
protected:
VerityWriterInterface() = default;
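Review bot: The comment kept above `IncrementalFinalize` ("Write hash tree && FEC data to underlying fd, if they are present") no longer describes the contract, since one call now performs a single step. I would document that callers must call it repeatedly until `FECFinished()` returns true, and that the same `read_fd`/`write_fd` must be passed each time, because `IncrementalEncodeFEC::Compute` in verity_writer_android.cc stores the descriptors only on its first step. Suggested: `// Performs one step of writing hash tree and FEC data. Call repeatedly, with the same fds, until FECFinished() returns true.` The enclosing class starts outside this hunk.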