Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_update_engine / 2fe84323164a95ce83c7936ef8f6c14483f38049 / . / scripts / paycheck.py
blob: 8eb0033d9c56c3fa94ea9134c03cdcb47f301a38 [file] [log] [blame]
Andrew Lassalle165843c2019-11-05 13:30:34 -0800[diff] [blame]1#!/usr/bin/env python
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]2#
Amin Hassanif94b6432018-01-26 17:39:47 -0800[diff] [blame]3# Copyright (C) 2013 The Android Open Source Project
4#
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16#
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]17
18"""Command-line tool for checking and applying Chrome OS update payloads."""
19
Andrew Lassalle165843c2019-11-05 13:30:34 -0800[diff] [blame]20from __future__ import absolute_import
Gilad Arnoldb92167f2015-07-15 16:49:00 -0700[diff] [blame]21from __future__ import print_function
22
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]23# pylint: disable=import-error
24import argparse
Amin Hassanie20eb912018-02-21 12:39:42 -0800[diff] [blame]25import filecmp
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]26import os
27import sys
Amin Hassanie20eb912018-02-21 12:39:42 -0800[diff] [blame]28import tempfile
29
Andrew Lassalle165843c2019-11-05 13:30:34 -0800[diff] [blame]30from six.moves import zip
Amin Hassanie20eb912018-02-21 12:39:42 -0800[diff] [blame]31from update_payload import error
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]32
Andrew Lassalle165843c2019-11-05 13:30:34 -0800[diff] [blame]33
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]34lib_dir = os.path.join(os.path.dirname(__file__), 'lib')
35if os.path.exists(lib_dir) and os.path.isdir(lib_dir):
36 sys.path.insert(1, lib_dir)
Andrew Lassalle165843c2019-11-05 13:30:34 -0800[diff] [blame]37import update_payload # pylint: disable=wrong-import-position
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]38
39
40_TYPE_FULL = 'full'
41_TYPE_DELTA = 'delta'
42
Xiaochu Liu6cf8e672019-03-14 16:15:42 -0700[diff] [blame]43def CheckApplyPayload(args):
44 """Whether to check the result after applying the payload.
45
46 Args:
47 args: Parsed command arguments (the return value of
48 ArgumentParser.parse_args).
49
50 Returns:
51 Boolean value whether to check.
52 """
53 return args.dst_part_paths is not None
54
55def ApplyPayload(args):
56 """Whether to apply the payload.
57
58 Args:
59 args: Parsed command arguments (the return value of
60 ArgumentParser.parse_args).
61
62 Returns:
63 Boolean value whether to apply the payload.
64 """
65 return CheckApplyPayload(args) or args.out_dst_part_paths is not None
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]66
Gilad Arnold4fbe4092013-04-17 10:00:55 -0700[diff] [blame]67def ParseArguments(argv):
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]68 """Parse and validate command-line arguments.
69
70 Args:
Gilad Arnold4fbe4092013-04-17 10:00:55 -0700[diff] [blame]71 argv: command-line arguments to parse (excluding the program name)
Gilad Arnoldb92167f2015-07-15 16:49:00 -0700[diff] [blame]72
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]73 Returns:
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]74 Returns the arguments returned by the argument parser.
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]75 """
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]76 parser = argparse.ArgumentParser(
Xiaochu Liu6cf8e672019-03-14 16:15:42 -0700[diff] [blame]77 description=('Applies a Chrome OS update PAYLOAD to src_part_paths'
78 'emitting dst_part_paths, respectively. '
79 'src_part_paths are only needed for delta payloads. '
Gilad Arnold4fbe4092013-04-17 10:00:55 -0700[diff] [blame]80 'When no partitions are provided, verifies the payload '
81 'integrity.'),
82 epilog=('Note: a payload may verify correctly but fail to apply, and '
83 'vice versa; this is by design and can be thought of as static '
84 'vs dynamic correctness. A payload that both verifies and '
85 'applies correctly should be safe for use by the Chrome OS '
86 'Update Engine. Use --check to verify a payload prior to '
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]87 'applying it.'),
88 formatter_class=argparse.RawDescriptionHelpFormatter
89 )
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]90
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]91 check_args = parser.add_argument_group('Checking payload integrity')
92 check_args.add_argument('-c', '--check', action='store_true', default=False,
93 help=('force payload integrity check (e.g. before '
94 'applying)'))
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]95 check_args.add_argument('-r', '--report', metavar='FILE',
96 help="dump payload report (`-' for stdout)")
97 check_args.add_argument('-t', '--type', dest='assert_type',
98 help='assert the payload type',
99 choices=[_TYPE_FULL, _TYPE_DELTA])
100 check_args.add_argument('-z', '--block-size', metavar='NUM', default=0,
101 type=int,
102 help='assert a non-default (4096) payload block size')
103 check_args.add_argument('-u', '--allow-unhashed', action='store_true',
104 default=False, help='allow unhashed operations')
105 check_args.add_argument('-d', '--disabled_tests', default=(), metavar='',
106 help=('space separated list of tests to disable. '
107 'allowed options include: ' +
108 ', '.join(update_payload.CHECKS_TO_DISABLE)),
109 choices=update_payload.CHECKS_TO_DISABLE)
110 check_args.add_argument('-k', '--key', metavar='FILE',
111 help=('override standard key used for signature '
112 'validation'))
113 check_args.add_argument('-m', '--meta-sig', metavar='FILE',
114 help='verify metadata against its signature')
Amin Hassania86b1082018-03-08 15:48:59 -0800[diff] [blame]115 check_args.add_argument('-s', '--metadata-size', metavar='NUM', default=0,
116 help='the metadata size to verify with the one in'
117 ' payload')
Tudor Brindus2d22c1a2018-06-15 13:07:13 -0700[diff] [blame]118 check_args.add_argument('--part_sizes', metavar='NUM', nargs='+', type=int,
119 help='override partition size auto-inference')
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]120
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]121 apply_args = parser.add_argument_group('Applying payload')
122 # TODO(ahassani): Extent extract-bsdiff to puffdiff too.
123 apply_args.add_argument('-x', '--extract-bsdiff', action='store_true',
124 default=False,
125 help=('use temp input/output files with BSDIFF '
126 'operations (not in-place)'))
127 apply_args.add_argument('--bspatch-path', metavar='FILE',
128 help='use the specified bspatch binary')
129 apply_args.add_argument('--puffpatch-path', metavar='FILE',
130 help='use the specified puffpatch binary')
Gilad Arnold272a4992013-05-08 13:12:53 -0700[diff] [blame]131
Tudor Brindus2d22c1a2018-06-15 13:07:13 -0700[diff] [blame]132 apply_args.add_argument('--src_part_paths', metavar='FILE', nargs='+',
133 help='source partitition files')
134 apply_args.add_argument('--dst_part_paths', metavar='FILE', nargs='+',
135 help='destination partition files')
136 apply_args.add_argument('--out_dst_part_paths', metavar='FILE', nargs='+',
137 help='created destination partition files')
138
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]139 parser.add_argument('payload', metavar='PAYLOAD', help='the payload file')
Tudor Brindus2d22c1a2018-06-15 13:07:13 -0700[diff] [blame]140 parser.add_argument('--part_names', metavar='NAME', nargs='+',
141 help='names of partitions')
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]142
Gilad Arnold4fbe4092013-04-17 10:00:55 -0700[diff] [blame]143 # Parse command-line arguments.
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]144 args = parser.parse_args(argv)
Gilad Arnoldeaed0d12013-04-30 15:38:22 -0700[diff] [blame]145
Gilad Arnold4fbe4092013-04-17 10:00:55 -0700[diff] [blame]146 # There are several options that imply --check.
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]147 args.check = (args.check or args.report or args.assert_type or
148 args.block_size or args.allow_unhashed or
149 args.disabled_tests or args.meta_sig or args.key or
Xiaochu Liu6cf8e672019-03-14 16:15:42 -0700[diff] [blame]150 args.part_sizes is not None or args.metadata_size)
Gilad Arnold4fbe4092013-04-17 10:00:55 -0700[diff] [blame]151
Xiaochu Liu6cf8e672019-03-14 16:15:42 -0700[diff] [blame]152 # Makes sure the following arguments have the same length as |part_names| if
153 # set.
Tudor Brindus2d22c1a2018-06-15 13:07:13 -0700[diff] [blame]154 for arg in ['part_sizes', 'src_part_paths', 'dst_part_paths',
155 'out_dst_part_paths']:
Xiaochu Liu6cf8e672019-03-14 16:15:42 -0700[diff] [blame]156 if getattr(args, arg) is None:
157 # Parameter is not set.
158 continue
Tudor Brindus2d22c1a2018-06-15 13:07:13 -0700[diff] [blame]159 if len(args.part_names) != len(getattr(args, arg, [])):
160 parser.error('partitions in --%s do not match --part_names' % arg)
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]161
Xiaochu Liu6cf8e672019-03-14 16:15:42 -0700[diff] [blame]162 def _IsSrcPartPathsProvided(args):
163 return args.src_part_paths is not None
164
165 # Makes sure parameters are coherent with payload type.
166 if ApplyPayload(args):
167 if _IsSrcPartPathsProvided(args):
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]168 if args.assert_type == _TYPE_FULL:
169 parser.error('%s payload does not accept source partition arguments'
170 % _TYPE_FULL)
171 else:
172 args.assert_type = _TYPE_DELTA
173 else:
174 if args.assert_type == _TYPE_DELTA:
175 parser.error('%s payload requires source partitions arguments'
176 % _TYPE_DELTA)
177 else:
178 args.assert_type = _TYPE_FULL
179 else:
Amin Hassania5489022018-01-26 11:23:26 -0800[diff] [blame]180 # Not applying payload.
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]181 if args.extract_bsdiff:
Gilad Arnold272a4992013-05-08 13:12:53 -0700[diff] [blame]182 parser.error('--extract-bsdiff can only be used when applying payloads')
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]183 if args.bspatch_path:
Gilad Arnold21a02502013-08-22 16:59:48 -0700[diff] [blame]184 parser.error('--bspatch-path can only be used when applying payloads')
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]185 if args.puffpatch_path:
Amin Hassani6be71682017-12-01 10:46:45 -0800[diff] [blame]186 parser.error('--puffpatch-path can only be used when applying payloads')
Gilad Arnold4fbe4092013-04-17 10:00:55 -0700[diff] [blame]187
Don Garrett30027fd2013-05-01 16:56:16 -0700[diff] [blame]188 # By default, look for a metadata-signature file with a name based on the name
Gilad Arnold9b90c932013-05-22 17:12:56 -0700[diff] [blame]189 # of the payload we are checking. We only do it if check was triggered.
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]190 if args.check and not args.meta_sig:
191 default_meta_sig = args.payload + '.metadata-signature'
Don Garrett30027fd2013-05-01 16:56:16 -0700[diff] [blame]192 if os.path.isfile(default_meta_sig):
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]193 args.meta_sig = default_meta_sig
194 print('Using default metadata signature', args.meta_sig, file=sys.stderr)
Don Garrett30027fd2013-05-01 16:56:16 -0700[diff] [blame]195
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]196 return args
Gilad Arnold4fbe4092013-04-17 10:00:55 -0700[diff] [blame]197
198
199def main(argv):
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]200 # Parse and validate arguments.
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]201 args = ParseArguments(argv[1:])
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]202
Andrew1f6bcab2019-11-21 11:34:22 -0800[diff] [blame]203 with open(args.payload, 'rb') as payload_file:
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]204 payload = update_payload.Payload(payload_file)
205 try:
206 # Initialize payload.
207 payload.Init()
208
209 # Perform payload integrity checks.
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]210 if args.check:
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]211 report_file = None
212 do_close_report_file = False
Gilad Arnold7a7edfd2013-05-22 17:21:58 -0700[diff] [blame]213 metadata_sig_file = None
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]214 try:
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]215 if args.report:
216 if args.report == '-':
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]217 report_file = sys.stdout
218 else:
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]219 report_file = open(args.report, 'w')
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]220 do_close_report_file = True
Gilad Arnold03959b72013-05-07 17:08:18 -0700[diff] [blame]221
Xiaochu Liu6cf8e672019-03-14 16:15:42 -0700[diff] [blame]222 part_sizes = (args.part_sizes and
223 dict(zip(args.part_names, args.part_sizes)))
Andrew1f6bcab2019-11-21 11:34:22 -0800[diff] [blame]224 metadata_sig_file = args.meta_sig and open(args.meta_sig, 'rb')
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]225 payload.Check(
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]226 pubkey_file_name=args.key,
Gilad Arnold4f8c17c2013-05-04 22:57:45 -0700[diff] [blame]227 metadata_sig_file=metadata_sig_file,
Amin Hassania86b1082018-03-08 15:48:59 -0800[diff] [blame]228 metadata_size=int(args.metadata_size),
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]229 report_out_file=report_file,
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]230 assert_type=args.assert_type,
231 block_size=int(args.block_size),
Tudor Brindus2d22c1a2018-06-15 13:07:13 -0700[diff] [blame]232 part_sizes=part_sizes,
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]233 allow_unhashed=args.allow_unhashed,
234 disabled_tests=args.disabled_tests)
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]235 finally:
Gilad Arnold7a7edfd2013-05-22 17:21:58 -0700[diff] [blame]236 if metadata_sig_file:
237 metadata_sig_file.close()
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]238 if do_close_report_file:
239 report_file.close()
240
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]241 # Apply payload.
Xiaochu Liu6cf8e672019-03-14 16:15:42 -0700[diff] [blame]242 if ApplyPayload(args):
Amin Hassani52b60392017-12-19 10:53:24 -0800[diff] [blame]243 dargs = {'bsdiff_in_place': not args.extract_bsdiff}
244 if args.bspatch_path:
245 dargs['bspatch_path'] = args.bspatch_path
246 if args.puffpatch_path:
247 dargs['puffpatch_path'] = args.puffpatch_path
248 if args.assert_type == _TYPE_DELTA:
Tudor Brindus2d22c1a2018-06-15 13:07:13 -0700[diff] [blame]249 dargs['old_parts'] = dict(zip(args.part_names, args.src_part_paths))
Gilad Arnold272a4992013-05-08 13:12:53 -0700[diff] [blame]250
Tudor Brindus2d22c1a2018-06-15 13:07:13 -0700[diff] [blame]251 out_dst_parts = {}
252 file_handles = []
Xiaochu Liu6cf8e672019-03-14 16:15:42 -0700[diff] [blame]253 if args.out_dst_part_paths is not None:
Tudor Brindus2d22c1a2018-06-15 13:07:13 -0700[diff] [blame]254 for name, path in zip(args.part_names, args.out_dst_part_paths):
Andrew1f6bcab2019-11-21 11:34:22 -0800[diff] [blame]255 handle = open(path, 'wb+')
Tudor Brindus2d22c1a2018-06-15 13:07:13 -0700[diff] [blame]256 file_handles.append(handle)
257 out_dst_parts[name] = handle.name
Amin Hassanie20eb912018-02-21 12:39:42 -0800[diff] [blame]258 else:
Tudor Brindus2d22c1a2018-06-15 13:07:13 -0700[diff] [blame]259 for name in args.part_names:
260 handle = tempfile.NamedTemporaryFile()
261 file_handles.append(handle)
262 out_dst_parts[name] = handle.name
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]263
Tudor Brindus2d22c1a2018-06-15 13:07:13 -0700[diff] [blame]264 payload.Apply(out_dst_parts, **dargs)
Amin Hassanie20eb912018-02-21 12:39:42 -0800[diff] [blame]265
266 # If destination kernel and rootfs partitions are not given, then this
267 # just becomes an apply operation with no check.
Xiaochu Liu6cf8e672019-03-14 16:15:42 -0700[diff] [blame]268 if CheckApplyPayload(args):
Amin Hassanie20eb912018-02-21 12:39:42 -0800[diff] [blame]269 # Prior to comparing, add the unused space past the filesystem
270 # boundary in the new target partitions to become the same size as
271 # the given partitions. This will truncate to larger size.
Tudor Brindus2d22c1a2018-06-15 13:07:13 -0700[diff] [blame]272 for part_name, out_dst_part, dst_part in zip(args.part_names,
273 file_handles,
274 args.dst_part_paths):
275 out_dst_part.truncate(os.path.getsize(dst_part))
Amin Hassanie20eb912018-02-21 12:39:42 -0800[diff] [blame]276
Tudor Brindus2d22c1a2018-06-15 13:07:13 -0700[diff] [blame]277 # Compare resulting partitions with the ones from the target image.
278 if not filecmp.cmp(out_dst_part.name, dst_part):
279 raise error.PayloadError(
280 'Resulting %s partition corrupted.' % part_name)
Amin Hassanie20eb912018-02-21 12:39:42 -0800[diff] [blame]281
282 # Close the output files. If args.out_dst_* was not given, then these
283 # files are created as temp files and will be deleted upon close().
Tudor Brindus2d22c1a2018-06-15 13:07:13 -0700[diff] [blame]284 for handle in file_handles:
285 handle.close()
Andrew Lassalle165843c2019-11-05 13:30:34 -0800[diff] [blame]286 except error.PayloadError as e:
Gilad Arnold553b0ec2013-01-26 01:00:39 -0800[diff] [blame]287 sys.stderr.write('Error: %s\n' % e)
288 return 1
289
290 return 0
291
292
293if __name__ == '__main__':
294 sys.exit(main(sys.argv))